Melissa
asked on
SSL security alert
We have a SBS2011 Server that used to host Exchange. 6 months ago we migrated their email hosting to Office 365. All is working well except recently an SSL certificate for SBS2011/Exchange 2010 had expired. Some of my workstations when opening Outlook (2013 version) throws up the Security Alert Dialogue stating the SSL has since expired. User's can simply hit 'YES' to proceed and operation is unaffected.
I have since removed the applicable SSL from the EMC but I'm still getting this warning. My other workstations with Outlook 2016 don't have this issue. All Outlook clients can connect to Office 365 using correct AutoDiscover.
I have since removed the applicable SSL from the EMC but I'm still getting this warning. My other workstations with Outlook 2016 don't have this issue. All Outlook clients can connect to Office 365 using correct AutoDiscover.
ASKER
Thanks Dr Klahn.
I had already previously tried clearing SSL states but did so again after a reboot.
I have also followed instructions to deleting local CRL cache on one of my Windows workstation (rebooting computer as well) which hasn't made any changes to my issue.
The issue is affecting my user's with Outlook 2013 so i suspect the issue has something to do with the way Outlook 2013 is currently doing an autodiscover lookup?
I had already previously tried clearing SSL states but did so again after a reboot.
I have also followed instructions to deleting local CRL cache on one of my Windows workstation (rebooting computer as well) which hasn't made any changes to my issue.
The issue is affecting my user's with Outlook 2013 so i suspect the issue has something to do with the way Outlook 2013 is currently doing an autodiscover lookup?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://security.stackexchange.com/questions/40179/is-there-an-ssl-tls-certificate-state-cache-on-windows-ie-and-outlook-and-ho
You might try the following approaches on one of the client machines. Then reboot it and see if the problem is alleviated. It will be annoying to do this at each and every machine, though, unless you can push a script.
https://my.justhost.com/hosting/help/clear-local-ssl
https://mssec.wordpress.com/2013/04/09/delete-local-crl-cache-in-windows/