Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 108
  • Last Modified:

Office 365 SSL Issues

Hi Experts,

I have an interesting issue one that Microsoft was not able to assist me with. We are running Office 365 but when we connect outlook clients it looks to the SSL certificate of our DNS hosting server. I don't know why it does this & why it doesn't get the SSL info from Office 365.

Is this by design, if so why?

Look forward to your feedback.
0
isdd2000
Asked:
isdd2000
  • 2
  • 2
1 Solution
 
Vasil Michev (MVP)Commented:
CPanel? There's some "feature" that basically responds to autodiscover requests, so you should turn it off. If not possible to turn it off on the "server" side, you can deploy the reg keys mentioned in this article to "instruct" Outlook to bypass it: http://support.microsoft.com/kb/2212902

All you need working for O365 is the HTTP redirect method (CNAME).
0
 
Adam BrownSr Solutions ArchitectCommented:
Specifically, the Outlook autodiscover lookup pattern goes like this:
1. Check the AD SCP for autodiscover
2. Check domain.com for autodiscover
3. Check autodiscover.domain.com for autodiscover
4. check SRV record for autodiscover

If there is a web server located at domain.com that gives anything other than a 404 response when someone attempts to connect to https://domain.com/autodiscover/autodiscover.xml
Outlook will give a certificate warning when it runs that lookup. Since the domain.com lookup happens before autodiscover.domain.com in the process by default, it will give the certificate warning when it receives the non-404 response from the server. As Vasil mentioned, that portion of the lookup can be skipped to prevent the error from happening. A more appropriate fix would be to reconfigure the webserver at domain.com so it doesn't respond with redirects or other "valid" server responses when attempting to access URLs that don't exist on it.
0
 
isdd2000Author Commented:
Hi Guys,

Apparently the feature to turn off response to auto discover is disabled but it still pops up??
0
 
Vasil Michev (MVP)Commented:
Well if you cannot control it server-side, use the Outlook reg keys detailed in the article I linked above.
0
 
isdd2000Author Commented:
The issue is an inherent issue with Microsoft auto discover process, only solution is to add registry keys.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now