Like all other roles in Lync Server, the Mediation Server communicates with other servers in the organization using Mutual Transport Layer Security (MTLS). To leverage MTLS, the Mediation Servers will need at least one certificate installed that meets a few requirements. A single certificate meeting these requirements can be used:
• The subject name should contain the pool’s fully qualified domain name (FQDN).
• The server name should be included as a subject alternative name.
The Certificate Wizard in Lync Server 2013 automatically populates the subject name and any required subject alternative names based on the published topology, which removes much of the certificate confusion that prior versions created.
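
The two name requirements listed above can be checked against the certificates already installed on a Mediation Server. The PowerShell below is an added example, not part of the original text and not a Lync Server cmdlet; the function name `Test-MediationCertNames` and the FQDNs are hypothetical placeholders. It assumes the subject is checked by its common name and that Windows is installed in English, because the SAN entries are parsed from formatted text.

```powershell
# Added example: hypothetical helper, not a Lync Server cmdlet.
function Test-MediationCertNames {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$PoolFqdn,
        [Parameter(Mandatory)][string]$ServerFqdn
    )

    # Requirement 1: the subject name carries the pool FQDN (compared against the CN).
    $nameType  = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $subjectCn = $Certificate.GetNameInfo($nameType, $false)

    # Requirement 2: the server FQDN is a DNS entry in the SAN extension (OID 2.5.29.17).
    $sanNames = @()
    $sanExt = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($sanExt) {
        # Format($true) returns one entry per line, e.g. "DNS Name=host.example.com".
        # The "DNS Name=" label is an assumption tied to English-language Windows.
        $sanNames = @($sanExt.Format($true) -split "`r?`n" | ForEach-Object {
            if ($_ -match '^\s*DNS Name=(.+)$') { $Matches[1].Trim() }
        })
    }

    # String comparisons here are case-insensitive, which matches DNS name semantics.
    [pscustomobject]@{
        Thumbprint    = $Certificate.Thumbprint
        SubjectCN     = $subjectCn
        SubjectIsPool = ($subjectCn -eq $PoolFqdn)
        ServerInSan   = ($sanNames -contains $ServerFqdn)
        SanDnsNames   = $sanNames -join ', '
    }
}

# Constructed placeholder names; replace with the pool and server FQDNs from your topology.
$pool   = 'medpool01.contoso.example'
$server = 'med01.contoso.example'

# Evaluate every certificate in the computer's personal store.
Get-ChildItem Cert:\LocalMachine\My |
    ForEach-Object { Test-MediationCertNames -Certificate $_ -PoolFqdn $pool -ServerFqdn $server } |
    Format-Table -AutoSize
```

A certificate satisfies both requirements when `SubjectIsPool` and `ServerInSan` are both `True`.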