mTLS, mutual TLS, or server-to-server authentication deprecation of Sectigo

Michel Admiraal
2025-03-21T10:05:14.8666667+00:00

I recently got an email from Sectigo that they are going to remove mTLS or server-to-server authentication from their certificates. I checked, and this would impact the Exchange Online hybrid situation as far as I can see. Does anyone know if Microsoft is aware of this, and whether I am missing anything else that would break if this is going to be missing from the certificate? As far as I can see only Sectigo is going to do this, but they give this as an explanation:

Major browser and root program providers have introduced new security requirements that prohibit the inclusion of the Client Authentication EKU in publicly trusted SSL/TLS certificates. These changes are designed to reinforce certificate purpose specificity and improve ecosystem security.

So maybe other CAs are also doing this after Sectigo announces it. The "solution" is to use a private CA, but that's costly for SMB. Here's more information:

https://www.sectigo.com/faq-client-authentication-eku-deprecation

Exchange Hybrid management

1 answer

  1. Anonymous
    2025-03-24T02:01:18.2066667+00:00

    Hi @Michel Admiraal ,

    Welcome to the Microsoft Q&A platform!

    Microsoft has not yet issued a definitive announcement or guidance on this adjustment for Sectigo. If there is a significant impact, Microsoft should release an update or guidance on a solution. It is recommended to stay tuned to Microsoft and related technical community announcements.
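
To see which installed certificates carry the EKU that the quoted Sectigo notice refers to, the following check lists certificates in the local machine store that include Client Authentication (OID 1.3.6.1.5.5.7.3.2). It is an added example, not part of the original thread or of Sectigo's or Microsoft's guidance; the function name `Get-CertEkuReport` and the choice of the `Cert:\LocalMachine\My` store are assumptions.

```powershell
# Added example: inventory certificates by Extended Key Usage (EKU).
# Get-CertEkuReport is a hypothetical helper name, not a built-in cmdlet.
$ServerAuthOid = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # id-kp-clientAuth

function Get-CertEkuReport {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    process {
        # Locate the EKU extension, if the certificate has one.
        $ekuExt = $Certificate.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $oids = @()
        if ($ekuExt) {
            $oids = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
        }

        [pscustomobject]@{
            Subject    = $Certificate.Subject
            Issuer     = $Certificate.Issuer
            Thumbprint = $Certificate.Thumbprint
            NotAfter   = $Certificate.NotAfter
            # No EKU extension means the certificate is not restricted to any purpose.
            HasEkuExt  = [bool]$ekuExt
            ServerAuth = $oids -contains $ServerAuthOid
            ClientAuth = $oids -contains $ClientAuthOid
            SelfSigned = $Certificate.Subject -eq $Certificate.Issuer
        }
    }
}

# Assumed store: the computer's personal store, where server certificates usually live.
# Self-signed certificates are skipped because a public CA's EKU policy does not apply to them.
Get-ChildItem Cert:\LocalMachine\My |
    Get-CertEkuReport |
    Where-Object { $_.ClientAuth -and -not $_.SelfSigned } |
    Sort-Object NotAfter |
    Format-Table Subject, Issuer, NotAfter, ServerAuth, ClientAuth -AutoSize
```

The `Issuer` and `NotAfter` columns show which CA issued each listed certificate and when its renewal is due, which is the point at which a reissued certificate could come back without the Client Authentication EKU.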

