Mar 29 2018 09:42 AM - edited Mar 29 2018 09:43 AM
Hi Guys,
I am trying to connect my office365 account to my Desktop Outlook 2016 application and i am getting the following message "The security certificate has expired or is not yet valid"
I was searching for this issue but i didn't find any solution.
Does anyone know what to do?
Thank you!!
Stavros
Mar 29 2018 09:54 AM
This looks like it could be a result of being in hybrid where the certificate being presented by your on-premises server(s) for autodiscover may not be valid.
Mar 29 2018 11:50 AM
Thank you Christopher for your answer.
The only connectivity that office 365 has is with my hosting.
I checked again my DNS functions and i believe that are correct.
The autodiscover should be autodiscover.outlook.com if i am right.
Am i missing something here? :)
Thank you again
Mar 29 2018 12:03 PM
When you click the View Certificate button in the warning, what is the subject name that is displayed?
Mar 29 2018 12:11 PM
subject
CN = mydomainname.com
OU = PositiveSSL
OU = Hosted by Hostgator.com LLC
OU = Domain Control Validated
Mar 29 2018 12:15 PM
Mar 29 2018 12:23 PM
Hi Nuno,
The messages are :
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mydomain.com, OU=PositiveSSL, OU=Hosted by Hostgator.com LLC, OU=Domain Control Validated.
A certificate chain couldn't be constructed for the certificate.
and second
Testing TCP port 443 on host autodiscover.mydomain.com to ensure it's listening and open.
The specified port is either blocked, not listening, or not producing the expected response.
Thank you for your help
Mar 29 2018 12:30 PM
Hi Stavros,
That's the cause, and keep post here how the cause is based on what you found on test autodiscover.
Mar 29 2018 12:36 PM
Mar 29 2018 12:42 PM
Hi Stravos,
If your autodiscover record point to that provider and is your architecture, you will need to talk with them and correct the certificate. If you can describe here more detail on your architecture and the full result of autodiscover test (Without sensitive information) we could help more.
Mar 29 2018 12:50 PM
Hi Nuno,
I really appreciate your help. I will talk first with Hostgator to check if they can help and i will update again the post.
Thank you in advance.
Dec 11 2018 05:19 AM
Dec 11 2018 10:31 PM
Nop i didn't find any solution. I just have the users to click a yes and all are sync normaly
Dec 11 2018 11:40 PM
You can check your domain here https://www.ssllabs.com/ssltest it might give you an error that full chain of certificate is not installed (under Certification Path - press Click here to expand). It should say Sent by server in first two steps. If one of the steps is Additional download, then it is an issue. In that case you or your hosting provider have to install the certificate properly by combining full chain.
We had similar issue where mobile Skype app was complaining about bad certificate (though our page was showing green lock in browsers). I guess mobile apps can't get full chain on their own and expect it from a domain. Installing full chain fixed problem for us.
Dec 11 2018 11:57 PM - edited Dec 12 2018 12:09 AM
hi friend, i do it and it show this to me
Path #1: Trusted
1 Sent by server www.mydomain.com
2 Sent by server GlobeSSL DV Certification Authority 2
3 In trust store USERTrust RSA Certification Authority Self-signed
Path #2: Trusted
1 Sent by server www.mydomain.com
2 Sent by server GlobeSSL DV Certification Authority 2
3 Extra download USERTrust RSA Certification Authority
4 In trust store AddTrust External CA Root Self-signed
Weak or insecure signature, but no impact on root certificate
I managenment my web site, what i need to do?
Thanks!
Dec 12 2018 01:07 AM