Like all other roles in Lync Server, the Edge Server communicates with other servers in the organization using Mutual Transport Layer Security (MTLS). The Edge Server requires two certificates: at a minimum, a certificate with its internal fully qualified domain name (FQDN) for communication with other servers, and a certificate for external services that contains all public FQDNs that are used. For internal certificates, the subject name should contain the Edge pool’s internal FQDN.
The certificate used for Access Edge services should adhere to the following guidelines:
• The subject name should be the published name for Access Edge services.
• All supported SIP domains must be entered as a subject alternative ...
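A check of the Access Edge guidelines above, as an added PowerShell example that is not part of the original page. The host and domain names are constructed placeholders and the function names are hypothetical; because the subject alternative name guideline is cut off on this page, accepting a SAN entry equal to the SIP domain or ending in `.<domain>` is an assumption.

```powershell
using namespace System.Security.Cryptography
using namespace System.Security.Cryptography.X509Certificates

# Return the DNS entries of the subject alternative name extension (OID 2.5.29.17).
function Get-CertDnsNames([X509Certificate2]$Cert) {
    $ext = $Cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if (-not $ext) { return @() }
    # Format() renders entries as "DNS Name=x" on Windows and "DNS:x" on other platforms.
    [regex]::Matches($ext.Format($false), 'DNS(?: Name=|:)\s*([^,\s]+)') |
        ForEach-Object { $_.Groups[1].Value.ToLowerInvariant() }
}

# Report every way the certificate deviates from the Access Edge guidelines.
function Test-AccessEdgeCertificate {
    param([X509Certificate2]$Cert, [string]$PublishedName, [string[]]$SipDomains)
    $findings = @()
    $cn = $Cert.GetNameInfo([X509NameType]::SimpleName, $false)
    if ($cn -ne $PublishedName) {
        $findings += "Subject '$cn' is not the published Access Edge name '$PublishedName'"
    }
    $san = @(Get-CertDnsNames $Cert)
    foreach ($domain in $SipDomains) {
        $d = $domain.ToLowerInvariant()
        # Assumption: a SAN equal to the domain or ending in ".<domain>" covers it.
        if (-not ($san | Where-Object { $_ -eq $d -or $_.EndsWith(".$d") })) {
            $findings += "SIP domain '$domain' has no subject alternative name entry"
        }
    }
    $findings
}

# Constructed in-memory self-signed certificate, used only as sample input.
function New-SampleCert([string]$Cn, [string[]]$DnsNames) {
    $rsa = [RSA]::Create(2048)
    $req = [CertificateRequest]::new("CN=$Cn", $rsa,
        [HashAlgorithmName]::SHA256, [RSASignaturePadding]::Pkcs1)
    $builder = [SubjectAlternativeNameBuilder]::new()
    $DnsNames | ForEach-Object { $builder.AddDnsName($_) }
    $req.CertificateExtensions.Add($builder.Build())
    $req.CreateSelfSigned([DateTimeOffset]::Now, [DateTimeOffset]::Now.AddDays(1))
}

$cert = New-SampleCert 'sip.contoso.example' @('sip.contoso.example', 'sip.fabrikam.example')
Test-AccessEdgeCertificate $cert 'sip.contoso.example' `
    @('contoso.example', 'fabrikam.example', 'tailspin.example')
```

To check a deployed certificate instead of the sample, pass an `X509Certificate2` object taken from the `Cert:\LocalMachine\My` store.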