Thomas.Poett@TEAMS (MVP Teams and Cross-Tenant Migration Specialist)

First I need to inform you that changing the Default SIP Domain will have huge and undefined serious issue in you deployment. Consider your doings and don't ignore the warnings. I give you an overview about what some customers were planning.  Example: During you setup you had chosen MYCLOUD.AG and now you want to delete this SIP domain and change it to NEWSIP.COM Effect: Sure your uses can have a new SIP domain assigned. Well, they will than need to log out and in once it has change, so also their buddy list gets updated. Well, Federated contact are never updated... BUT/ WARNING: There are several RtcApplications, Conferencing, Auto Test Service, Group Chat Server and much more (RSG, CAA,...). Those applications have also SIP addresses assigned. They are written to the Lync Active Directory Configuration and are also present in the Lync SQL databases. If you change the SIP Domain via the Topology Builder, there is even a serious warning: Get-CsApplicationEnd

Demystify Lync 2013 Server internal certificate requirements © 27.08.2014, Thomas Pött, Microsoft MVP Lync and PLSL 3 rd level Support certified. Version 1.7 . 2 The technical level of this document is 400. This article requires knowledge about certificate authorities, TLS encryption and identity authorization. Lync relay on several external components, as network or certificate authority, especially the CA is an important component for TLS encryption. We need to understand how Lync make use of certificates for authentication, identity authorization and encryption. It also makes differences between Lync service and its related web service, which are even segregated into internal and external site. Note: This document is neither a sizing nor a configuration guide. You should use this document only for your environment planning’s purposes and security considerations. In lager environments you should spend some time to evaluate the optimal path of your certificate deploy