Microsoft KB Archive/911785

= Error message when you configure a certificate for an external connection on a computer that is running Live Communication Server 2005: &quot;Live Communications Server requires a certificate that has both Server and Client Authentication attributes&quot; =

Article ID: 911785

Article Last Modified on 12/29/2005

-

APPLIES TO


 * Microsoft Office Live Communications Server 2005 Enterprise Edition
 * Microsoft Office Live Communications Server 2005 Standard Edition

-





SYMPTOMS
You configure a certificate for an Access Proxy server on a computer that is running Microsoft Office Live Communications Server 2005. When you configure this certificate for an external connection, you receive the following error message:

Live Communications Server requires a certificate that has both Server and Client Authentication attributes as part of its Enhanced Key Usage (EKU). Please select a new one.

Additionally, if you double-click this certificate, click the Details tab, and then click the Enhanced Key Usage field, you receive the following message:

Client Authentication (1.3.6.1.5.5.7.3.2) Server Authentication (1.3.6.1.5.5.7.3.1)



RESOLUTION
To resolve this issue, follow these steps:
 * 1) Click Start, click Run, type mmc, and then click OK.
 * 2) On the File menu, click Add/Remove Snap-in.
 * 3) Click Add on the Standalone tab, click Certificates, and then click Add.
 * 4) Click Computer account, click Next, and then click Finish.
 * 5) Click Close, and then click OK.
 * 6) Expand Certificates (Local Computer), expand Personal, and then click Certificates.
 * 7) In the right pane, double-click the certificate that you are trying to use with Live Communications Server 2005.
 * 8) Click the Certification path tab, and then click the parent certificate of the certificate that caused the error message.
 * 9) Click View Certificate, and then click the Details tab.
 * 10) Click Key Usage, and then click Edit Properties.
 * 11) In the Certificate purposes area, click Enable only the following purposes.
 * 12) Verify that both the Client Authentication check box and the Server Authentication check box are selected, and then click OK two times.
 * 13) Close the Microsoft Management Console (MMC) snap-in.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

Additional query words: Live communications Server 2005 Certificates Access Proxy

Keywords: kbtshoot kbprb KB911785

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.