As certificates have become common in deploying of Live Communication Server 2005 I put together a list of common issues one can experience with certificates and LCS 2005.
My certificate has expired. How should I replace it?
When a certificate expires on the LCS 2005 frontend system(s) you will notice that users are not able to login anymore with TLS. If LCS 2005 Enterprise Edition is deployed the nodes will be unable to communicate with each other using MTLS. This will cause messages to be undelivered between servers. Usually the certificate is replaced before this causes a bad day for administrators however I have noticed that many times the certificate is not being replaced successfully.
In order to replace the certificate successfully a new one should be issued to the same FQDN (fully qualified name) as the server or the pool name (in the case of Enterprise Edition). If using Enterprise Edition it should also have a subject alternative name listing both the pool and the FQDN of the server. The intended purpose (Enhanced Key Usage) of the certificate should have