Please, prepare the following certificates (could be one certificate with all hosts or a wildcard certificate). It should be signed by a Certificate Authority trust by your users/machines.
The Forward Proxy certificate should contain:
DNS Name=*.sharepoint.com
DNS Name=*.sharepointonline.com
DNS Name=teams.microsoft.com
DNS Name=*.teams.microsoft.com
DNS Name=*.ng.msg.teams.microsoft.com
DNS Name=pipe.skype.com
DNS Name=*.pipe.skype.com
DNS Name=*.notifications.teams.microsoft.com
DNS Name=*.asyncgw.teams.microsoft.com
DNS Name=*.agatskype.net
DNS Name=*.msgapi.teams.microsoft.com
The Admin Portal certificate should contain:
- Unique hostname for the service (eg, ap.yourdomain.com).