Microsoft KB Archive/918284

= The Public Instant Messaging Connectivity (PIC) feature does not work in Live Communications Server 2005 Service Pack 1 (SP1) and Office Communicator 2007 =

Article ID: 918284

Article Last Modified on 12/4/2007

-

APPLIES TO

 Microsoft Office Communicator 2007 Microsoft Office Live Communications Server 2005 Service Pack 1, when used with:  Microsoft Office Live Communications Server 2005 Standard Edition

 Microsoft Office Live Communications Server 2005 Enterprise Edition 

-



INTRODUCTION
Microsoft Office Communicator 2007 and Microsoft Office Live Communications Server 2005 Service Pack 1 (SP1) enable the Public Instant Messaging Connectivity (PIC) feature. This feature provides Instant Messaging connectivity between Live Communications Server clients in separate enterprise environments by using the &quot;public cloud&quot; of participating Internet service providers (ISPs). Currently, these ISPs are MSN, Yahoo, and America Online (AOL).

When you try to use the PIC feature, you may experience the following symptoms:
 * PIC will not work with trial certificates.
 * PIC will not work when you use Entrust Standard certificates to connect to AOL on an Access Proxy server. However, PIC will work when you use Entrust Standard certificates to connect to MSN and Yahoo on an Access Proxy server. Entrust Advantage and Entrust UC certificates will work with connections to all three PIC providers.



MORE INFORMATION
A trial certificate will not work with the PIC feature because the ISPs do not trust the trial root certification authority. A trial certificate is used only for internal tests.

The AOL Session Initiation Protocol (SIP) gateway uses both the server authentication attribute and the client authentication attribute of the certificate to establish an encrypted channel between servers. By default, Entrust certificates do not include the client authentication attribute. Therefore, the PIC feature does not work when you use Entrust certificates to connect to AOL.

By contrast, MSN and Yahoo use only the server authentication attribute of the certificate. Therefore, the PIC feature does work when you use Entrust certificates to connect to MSN and Yahoo.

You can contact the certification authority to upgrade the certificate to include both the server authentication attribute and the client authentication attribute. Alternatively, obtain certificates that include both the server authentication attribute and the client authentication attribute. Verisign, Thawte, and Cybertrust are certification authorities that provide both the server authentication attribute and the client authentication attribute in their certificates.

For more information about Live Communications Server products, visit the following Microsoft Web site:

http://www.microsoft.com/uk/office/livecomm/prodinfo/default.mspx

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Additional query words: CM53652 lcs ca isp aol

Keywords: kbcrypt kbinfo KB918284

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.