After working with my internal IT department, they've determined that the simple reason I cannot get to the Lync server from my home computer is because it is not a member of the domain. There are two solutions they proposed: join the domain, or VPN in. The former isn't really an option, and the latter is a solution I can make work (only connect when I really need to talk to someone; running all my traffic through the VPN is downright miserable).
The error I get when I connect is:
"There was a problem verifying the certificate from the server. Sign-in may be
delayed while we retry the connection..."
more detailed error:
02/15/2013|18:05:57.470 1C58:C28 TRACE :: SECURE_SOCKET: security negotiation has completed, verifying server cert
02/15/2013|18:05:57.472 1C58:C28 ERROR :: SECURE_SOCKET: negotiation failed
02/15/2013|18:05:57.472 1C58:13D0 ERROR :: CSIPTransportLayerSecurity::OnTlsNegotiationComplete (65ea2f0) failed with 0x80ee0065. Raising OnConnect with the same error
02/15/2013|18:05:57.472 1C58:13D0 ERROR :: CSIPClientConnection::OnConnect (80ee0065) this: 01D7B0A0
02/15/2013|18:05:57.472 1C58:13D0 INFO :: SIP_MSG_PROCESSOR::OnRequestConnectionConnectComplete - Enter this: 065E2848, callid=(null), ErrorCode: 0x80ee0065
02/15/2013|18:05:57.472 1C58:13D0 ERROR :: Releasing connection and notifying transactions
02/15/2013|18:05:57.472 1C58:13D0 ERROR :: SIP_MSG_PROCESSOR::NotifyRequestConnectionConnectComplete - Error: 80ee0065
02/15/2013|18:05:57.472 1C58:13D0 TRACE :: CSIPTransportLayerSecurity::Shutdown - [0x065EA2F0]
As a developer, this looks like a different version of the SSL errors I get when I visit a website that's using a misnamed certificate. With that thinking, I went ahead and VPNed in, grabbed the certificate it presented me with and accepted it. Then I added it into my trusted CAs just to be sure. I was really hoping this would work, but results in the same error.
Anyone played this game before? Is there a workaround?