Link to home
Start Free TrialLog in
Avatar of Melissa
MelissaFlag for Australia

asked on

SSL security alert

We have a SBS2011 Server that used to host Exchange. 6 months ago we migrated their email hosting to Office 365. All is working well except recently an SSL certificate for SBS2011/Exchange 2010 had expired. Some of my workstations when opening Outlook (2013 version) throws up the Security Alert Dialogue stating the SSL has since expired. User's can simply hit 'YES' to proceed and operation is unaffected.
I have since removed the applicable SSL from the EMC but I'm still getting this warning.  My other workstations with Outlook 2016 don't have this issue. All Outlook clients can connect to Office 365 using correct AutoDiscover.
Avatar of Dr. Klahn
Dr. Klahn

The client machines may be caching the expired certificate.  This would have to be a semi-permanent cache on disk, not an in-memory cache, so it would persist across reboots.

https://security.stackexchange.com/questions/40179/is-there-an-ssl-tls-certificate-state-cache-on-windows-ie-and-outlook-and-ho

You might try the following approaches on one of the client machines.  Then reboot it and see if the problem is alleviated.  It will be annoying to do this at each and every machine, though, unless you can push a script.

https://my.justhost.com/hosting/help/clear-local-ssl

https://mssec.wordpress.com/2013/04/09/delete-local-crl-cache-in-windows/
Avatar of Melissa

ASKER

Thanks Dr Klahn.

I had already previously tried clearing SSL states but did so again after a reboot.

I have also followed instructions to deleting local CRL cache on one of my Windows workstation (rebooting computer as well) which hasn't made any changes to my issue.

The issue is affecting my user's with Outlook 2013 so i suspect the issue has something to do with the way Outlook 2013 is currently doing an autodiscover lookup?
ASKER CERTIFIED SOLUTION
Avatar of Melissa
Melissa
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial