Error message when you configure a certificate for an external connection on a computer that is running Live Communication Server 2005: "Live Communications Server requires a certificate that has both Server and Client Authentication attributes" (911785)


The information in this article applies to:

  • Microsoft Office Live Communications Server 2005 Enterprise Edition
  • Microsoft Office Live Communications Server 2005 Standard Edition

SYMPTOMS

You configure a certificate for an Access Proxy server on a computer that is running Microsoft Office Live Communications Server 2005. When you configure this certificate for an external connection, you receive the following error message:
Live Communications Server requires a certificate that has both Server and Client Authentication attributes as part of its Enhanced Key Usage (EKU). Please select a new one.
Additionally, if you double-click this certificate, click the Details tab, and then click the Enhanced Key Usage field, you receive the following message:Client Authentication (1.3.6.1.5.5.7.3.2) Server Authentication (1.3.6.1.5.5.7.3.1)

RESOLUTION

To resolve this issue, follow these steps:
  1. Click Start, click Run, type mmc, and then click OK.
  2. On the File menu, click Add/Remove Snap-in.
  3. Click Add on the Standalone tab, click Certificates, and then click Add.
  4. Click Computer account, click Next, and then click Finish.
  5. Click Close, and then click OK.
  6. Expand Certificates (Local Computer), expand Personal, and then click Certificates.
  7. In the right pane, double-click the certificate that you are trying to use with Live Communications Server 2005.
  8. Click the Certification path tab, and then click the parent certificate of the certificate that caused the error message.
  9. Click View Certificate, and then click the Details tab.
  10. Click Key Usage, and then click Edit Properties.
  11. In the Certificate purposes area, click Enable only the following purposes.
  12. Verify that both the Client Authentication check box and the Server Authentication check box are selected, and then click OK two times.
  13. Close the Microsoft Management Console (MMC) snap-in.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Modification Type:MajorLast Reviewed:12/29/2005
Keywords:kbtshoot kbprb KB911785 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.