You may run into these warning while installing Lync Server 2013:
WARNING: The chain of the certificate “XYZ” is invalid.
WARNING: “Request-CSCertificate” processing has completed with warnings. “1” warnings were recorded during this run.
Resolution
The reason you get these warnings is that certificate publisher is not in your Trusted Root Certification Authorities list. Follow the steps below in order to add your publisher into the list. In my case, publisher is AD Certificate Services.
- Go to certificate request website. The address must be similar to http://dc01.yourdomain.local/certsrv
- Click “Download a CA certificate, certificate chain, or CRL“
- Click “Download CA certificate chain”
Downloading certificate chain from AD CS - Import the downloaded certificate file into your Trusted Root Certification Authorities list (
Run > mmc > File > Add/Remove Snap-in > Certificates > Computer Account > Trusted Root Certification Authorities > Right Click > Certificates > All Tasks > Import)
Adding certificate into Trusted Root Certification Authorities list
Many thanks The Lync Dude