Forum Discussion
Mike Parker
Dec 07, 2016Iron Contributor
Hi,
Have you verified that you can contact the CRL from within your network and that the certificate thumbprint of the cert you are getting the error with isn't in that list? I have seen issues like this normally for a couple of hours but nothing long term. Just off the top of my head it sounds like it could be some issue contacting the CRL or some sort of Proxy in the middle of your clients and Exchange Online which is doing something strange with certificates?
Mike
Have you verified that you can contact the CRL from within your network and that the certificate thumbprint of the cert you are getting the error with isn't in that list? I have seen issues like this normally for a couple of hours but nothing long term. Just off the top of my head it sounds like it could be some issue contacting the CRL or some sort of Proxy in the middle of your clients and Exchange Online which is doing something strange with certificates?
Mike
- Off2w0rkDec 07, 2016Brass Contributor
Hi Mark,
yes we can access the urls fine and the certificate is not on revoke list.
We do use Zscaler for web filtering, but since the urls are not blocked and are accessible it is pretty strange. We had this issue for almost a year now, even before we implemented Zscaler.
Im not the only one getting this error either, since more and more users are complaining about it. Since EXO team closed the case, there is nothing much we can do.
- Robert SkawinskiDec 15, 2016Copper Contributor
Hi,
same Problem here. We are deploying a new Exchange Server 2016 and some Clients have this problem sometimes.
- CA-ROOT is inside Trusted Root Certification Authorities
- Internet Explorer shows everything as valid
- CRL is reachable from inside and outside
Please help
br
Robert Skawinski