LS Data MCU error on SfB 2015 after May OS Patch

The May 2017 .NET patches introduced a problem in both Skype for Business 2015 and LYNC 2010/ 2013 servers – after the patch the way that .Net handles EKU’s in a certificate has changed.

The issue you will find is seen in the event viewer at both all frontends, and on the edge server aswell.

Front End event log every minute, Event ID 41026 followed by 41025:

And on the Edge server you will find:

 Microsoft has confirmed this issue:

Follow the above article to mitigate the problem – either fix the CA template and reissue the Edge server internal certificate OR add this RegKey that will omit this check.

Run the following regadd in a CMD as administrator – that will add this key with the default path of Web conferencing components.

NOTE if your install path is anything but default, change the corresponding path in the reg add cmd.

LYNC Server 2010
reg add HKLMSOFTWAREMicrosoft.NETFrameworkv2.0.50727System.Net.ServicePointManager.RequireCertificateEKUs /v “C:Program FilesMicrosoft Lync Server 2010Web ConferencingDataMCUSvc.exe” /t REG_DWORD /d 0 /f

Lync Server 2013:

reg add HKLMSOFTWAREMicrosoft.NETFrameworkv4.0.30319System.Net.ServicePointManager.RequireCertificateEKUs /v “C:Program FilesMicrosoft Lync Server 2013Web ConferencingDataMCUSvc.exe” /t REG_DWORD /d 0 /f

Skype for Business Server 2015:

reg add HKLMSOFTWAREMicrosoft.NETFrameworkv4.0.30319System.Net.ServicePointManager.RequireCertificateEKUs /v “C:Program FilesSkype for Business Server 2015Web ConferencingDataMCUSvc.exe” /t REG_DWORD /d 0 /f

After adding the registry key simply restart the Web Conferencing service and the errors will go away – and any related conferencing errors will also reolve.


Leave a Reply

Your email address will not be published. Required fields are marked *