My Lync client on a Windows 7 Pro workstation can login to Lync when set to manual configuration but not when set to automatic. This is while accessing the Lync server internally. When set to automatic, I can see that the SRV records are resolved correctly, but the problem seems to be with the Front End (FE) server certificate. The log on the client shows the following:
SECURE_SOCKET: security negotiation has completed, verifying server cert
SECURE_SOCKET: negotiation failed
CSIPTransportLayerSecurity::OnTlsNegotiationComplete (968d890) failed with 0x800b010f. (CNAME/WrongPrincipal) error. Obtaining remote cert context
The cert (generated by the Deployent Wizard) on the FE has the internal FQDN of the FE as its Subject Name, and has the external FQDN of the FE in its SAN list.
What else have I missed?
Thanks.