Office 365 \ Exchange 2010 Hybrid upgrade


Hello, who can help us solve the following problem?



Exchange 2010 SP3 on-prem in DOMAIN1.COM, with name MAIL.DOMAIN1.COM. Users have an email address ending in @DOMAIN2.COM.

Office365 configured for DOMAIN2.COM users.

We've run the Hybrid Configuration Wizard to connect both systems. When configuring the connectors, we receive an error that Office365 cannot create a TLS connection between O365 DOMAIN2.COM and on-prem DOMAIN1.COM because the certificate handles


Some users are already migrated. But they don't always receive emails from on-prem users, and online users cannot send mails to on-prem users. When we trace the messages we see that messages are sent to So that means that mails are leaving Office365, but they are not received at the on-prem server.


What can we do to solve this?

@Johan Pauly  - hi Johan. What are the mx records pointed to for each domain? (onprem or o365?)


How many users need to be migrated to  Also can you confirm you are using 2 separate o365 tenants or is this a single tenant with multiple domains?


I believe if it is a low number, the best method would be to create empty mailboxes for them in o365, cutover the mx records, and wait for mailflow to go to their o365 accounts (TTL 1hr?)

Then simply export the mailboxes to PST and perform a network upload to their corresponding mailboxes manually. This may not be viable if your user count is in the thousands, but for a small to midsize org it should avoid the complexities of connecting your on-prem Exchange organization to more than one o365 tenant.