Lync/SfB Server: OAuthTokenIssuer, Assigned certificate not found or untrusted.

In a recent support case the OAuth certificate was missing in one of the Front Ends:

We also notice the Missing message in the Deployment Wizard Step 3, for the OAuth certificate:

And in PowerShell we had the following error when we tried to check the certificates:

Get-CsCertificate
https://technet.microsoft.com/en-us/library/gg398227.aspx

Get-CsCertificate : OAuthTokenIssuer: Assigned certificate not found or untrusted. Check that the certificate exists
in the certificate store, that it is not expired and that the certificate chain is valid.

Since the OAuth certificate is a Global setting and it’s replicated, we don’t need to request a new one.

To restore the OAuth certificate, we simply need to restart the Lync/SfB Server Replica Replicator Agent:

During start-up the Replica Replicator Agent will add the OAuth certificate again to the Computer Certificate Store:

We can also check the Deployment Wizard Step 3, to confirm that the correct certificate will be displayed:

For reference, here is the PowerShell output:

Get-CsCertificate -Type OAuthTokenIssuer

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.