2019 Hybrid mail flow failure from on prem to exchange online
I've updated things and my mail from EOP to o365 just sits in the EOP mail queue.
[{LED=450 4.7.320 Certificate validation failed [Message=UntrustedRoot] [LastAttemptedServerName=*.mail.onmicrosoft.com] [LastAttemptedIP=]};{MSG=UntrustedRoot};{FQDN=*.mail.onmicrosoft.com};{IP=*};{LRT=10/19/2023 12:44:59 PM}]
I've installed the 365 bundle on the server, verified my connectors are valid.
Hi Eikehans,
thanks for your update.
The issue still revolves around a certificate validation failure with the FQDN *.mail.onmicrosoft.com.
To address this issue, you can follow these steps for further troubleshooting:
Verify Certificate Installation: Make sure the root certificate for Exchange Online (Office 365) is correctly installed on your on-premises Exchange server. Ensure that you have downloaded and installed the most recent root certificates provided by Microsoft and that the root certificate is located in the Trusted Root Certification Authorities store.
Check Certificate Validity: Confirm that the certificate on the Exchange Online server is not expired. If it has expired, you should consider renewing or replacing it.
Review DNS Configuration: Check that your DNS settings are properly configured to resolve the Fully Qualified Domain Name (FQDN) of the Exchange Online server, which is indicated as *.mail.onmicrosoft.com in your error message. Ensure that the FQDN resolves to the correct IP address.
Examine Firewall and Network: Ensure there are no network or firewall issues blocking your on-premises server from establishing a secure connection with Exchange Online.
Update Send Connector: Double-check your send connector configuration to ensure it correctly uses the new certificate and that the FQDN matches the certificate.
Test Connectivity: Utilize the Test-Mailflow cmdlet to assess mail flow between your on-premises server and Exchange Online. This can help identify and address any connectivity issues.
Check Logs and Event Viewer: Inspect the event logs on your on-premises server for additional error information related to the certificate validation failure.
Kindest regards,
Leon Pavesic
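The certificate checks listed in the reply above can be reproduced outside the transport service. This is an added example, not part of the thread or of either poster's message: it opens an SMTP session to the smart host, issues STARTTLS, and reports how the presented chain validates against the local certificate stores. `$SmartHost` is a placeholder for the smart host on your own send connector, and the helper name `Read-SmtpReply` is made up for the example.

```powershell
# Added diagnostic example, not from the thread. $SmartHost is a placeholder:
# pass the smart host configured on your own outbound send connector.
param(
    [string]$SmartHost = 'your-tenant.mail.protection.outlook.com',  # placeholder
    [int]$Port = 25
)

# Read one SMTP reply; continuation lines have '-' after the 3-digit code.
function Read-SmtpReply($Reader) {
    do { $line = $Reader.ReadLine(); $line } while ($line -and $line[3] -eq '-')
}

$script:report = $null
$validate = [System.Net.Security.RemoteCertificateValidationCallback] {
    param($s, $cert, $chain, $errors)
    # Copy what we need inside the callback rather than keeping a reference to $chain.
    $script:report = [pscustomobject]@{
        PolicyErrors = $errors
        ChainStatus  = @($chain.ChainStatus | ForEach-Object { $_.Status })
        Elements     = @($chain.ChainElements | ForEach-Object { $_.Certificate } |
                         Select-Object Subject, Issuer, Thumbprint, NotAfter)
    }
    # Same decision a strict client makes: accept only a fully valid chain.
    $errors -eq [System.Net.Security.SslPolicyErrors]::None
}

$client = [System.Net.Sockets.TcpClient]::new($SmartHost, $Port)
try {
    $net    = $client.GetStream()
    $reader = [System.IO.StreamReader]::new($net, [System.Text.Encoding]::ASCII)
    $writer = [System.IO.StreamWriter]::new($net, [System.Text.Encoding]::ASCII)
    $writer.NewLine = "`r`n"; $writer.AutoFlush = $true

    Read-SmtpReply $reader | Out-Null                      # 220 banner
    $writer.WriteLine("EHLO $env:COMPUTERNAME"); Read-SmtpReply $reader | Out-Null
    $writer.WriteLine('STARTTLS')
    $reply = Read-SmtpReply $reader
    if ($reply -notmatch '^220') { throw "STARTTLS refused: $reply" }

    $ssl = [System.Net.Security.SslStream]::new($net, $false, $validate)
    try   { $ssl.AuthenticateAsClient($SmartHost) }
    catch { Write-Warning "TLS handshake rejected: $($_.Exception.Message)" }
}
finally { $client.Close() }

"PolicyErrors: $($report.PolicyErrors)"
"ChainStatus : $($report.ChainStatus -join ', ')"   # UntrustedRoot here matches the queue error
$report.Elements | Format-List
```

Run it on the Exchange server that owns the send connector, because the chain is built against that machine's certificate stores. The last element listed is the root the server would need to trust; the script runs under your account, so a root present only in your user store can make it pass where the transport service still fails.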