security certificate revoked - outlook.office365.com

John Rovel Kalaw 6

The pictures below started popping up on our PCs. and the PC was using not part of any domain. I tried to follow the link below but the IE was inaccessible. https://answers.microsoft.com/en-us/outlook_com/forum/all/outlookoffice365com-security-certificate-has-been/743bdb2b-06ce-4206-923e-bdb7041528bd

Drifter 1 Reputation point

2022-10-08T18:50:23.963+00:00

I am not a computer person and also have this problem. I clicked into the Security Alert message's "View Certificate" button and saw that the certificate is issued to "outlook.com" while the security message said the internet address "outlook.office365.com" has security concern. That to me essentially is a Microsoft mess up by using Peter's credential to do business as Paul.

I think that I started to have this pop up issue around when the new certificate became effective, that was 7/25/2022.

As to some PCs/Macs don't have the issue maybe because they already have the correct security certificate installed on their computers. There is no setting in my hotmail setup for me to change in Outlook, so so far I am dealing with it by clicking ok on the box everyday.

49 answers

Alex Le 1 Reputation point

2022-11-03T11:45:55.733+00:00

What it looks like to me is they revoked a SSL they were using globally across their 1000s of Exchange server farm. When they revoked the original SSL they have updated most of the servers w the new generated certificate and have overlooked a server or two. Hence why it’s intermittent and only happening to random users.

If they had just one server and the ssl was revoked everyone would get the same error all the time.
Please sign in to rate this answer.
Rod MacPherson 16 Reputation points

2022-11-03T14:50:52.827+00:00

Yes, that is exactly what has happened, but all we can do is keep reporting where we see it and hope that helps MS narrow down which server(s) have the old cert.

Rod MacPherson 16 Reputation points

2022-11-03T14:52:41.307+00:00

Ideally MS should be able to whip together a Powershell script to check the certs on their servers and let them know which ones are non-compliant. This shouldn't have to happen.
Sign in to comment
Jeff J 1 Reputation point

2022-11-03T16:47:37.887+00:00

We've been getting this as well. When we set up our Exchange DNS records for our corp, Microsoft instructs to CNAME your domain to autodiscover.outlook.com for auto discovery as per the CNAME records from the admin centre domain setup wizard. Curiously, autodiscover.outlook.com digs out to other cnames that apparently don't match "outlook.com" See below

C:\Users\jeffj>dig autodiscover.outlook.com

; <<>> DiG 9.16.28 <<>> autodiscover.outlook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36725
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;autodiscover.outlook.com. IN A

;; ANSWER SECTION:
autodiscover.outlook.com. 249 IN CNAME autod.ha-autod.office.com.
autod.ha-autod.office.com. 58 IN CNAME autod.ms-acdc-autod.office.com.
autod.ms-acdc-autod.office.com. 8 IN A 52.96.230.40
autod.ms-acdc-autod.office.com. 8 IN A 40.100.163.184
autod.ms-acdc-autod.office.com. 8 IN A 40.100.162.184
autod.ms-acdc-autod.office.com. 8 IN A 52.96.163.232

Microsoft's connectivity test uses autodiscover-s.outlook.com which of course always passes. Digging that shows that it cname's to outlook.office365.com

C:\Users\jeffj>dig autodiscover-s.outlook.com

; <<>> DiG 9.16.28 <<>> autodiscover-s.outlook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50587
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;autodiscover-s.outlook.com. IN A

;; ANSWER SECTION:
autodiscover-s.outlook.com. 130 IN CNAME outlook.office365.com.
outlook.office365.com. 151 IN CNAME outlook.ha.office365.com.
outlook.ha.office365.com. 54 IN CNAME outlook.ms-acdc.office.com.
outlook.ms-acdc.office.com. 3594 IN CNAME yyz-efz.ms-acdc.office.com.
yyz-efz.ms-acdc.office.com. 4 IN A 52.96.215.82
yyz-efz.ms-acdc.office.com. 4 IN A 52.96.88.226
yyz-efz.ms-acdc.office.com. 4 IN A 52.96.88.210
yyz-efz.ms-acdc.office.com. 4 IN A 52.96.230.226

I went ahead and changed my autodiscovery record in my corps dns to CNAME to autodiscover-s.outlook.com instead of the suggested autodiscover-s.outlook.com by Exchanges wizard and so far I have not had the Cert revoked error come back up.

Don't know if this s the definitive solution, but the workaround appears to work.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment
Angela Dunn 1 Reputation point

2022-11-03T21:40:44.977+00:00

Goodness, I see this has been an issue for many others as well. I'm in a hybrid AD and O365 environment with about 135 Windows 10 laptops. And I have ONE person that this is happening to when she's on the wired network at the office, as well as when she's at her home office. I'm about to open a support ticket with MS Support, but this needs to be fixed!
Please sign in to rate this answer.

0 comments No comments
Sign in to comment
Stuart Seeley 1 Reputation point

2022-11-08T00:47:23.58+00:00

Also been seeing this for a few months now. My perception is it's happening to everyone and not many are complaining because they can click on OK and carry on. Happens at the office, at peoples homes, on windows 7, 10 and 11... and on iPhones too. Microsoft forgetting to update some servers makes the most sense to me.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment
Wendy 1 Reputation point

2022-11-08T15:07:04.797+00:00

Any solutions from MS?
Same thing happens in our tenant, already created a case on MS support, no answer from the case owner so far.
Please sign in to rate this answer.
Tim 6 Reputation points

2022-11-14T14:14:06.077+00:00

According to MS this is fixed now, but better just monitor and see

Final status: Our analysis of the Outlook client diagnostic and memory process logs identified a subset of network infrastructure that processes Transport Layer Security (TLS) requests wasn't functioning as expect, resulting in impact. We've disabled this problematic network path, allowing traffic to flow through alternate routes and remediating impact.

Root cause: A subset of network infrastructure that processes TLS requests wasn't functioning as expect, resulting in impact.
Next steps:

We're identifying methods of bolstering the reliability of TLS infrastructure to prevent similar impact from occurring in the future.

We're analyzing our findings from this event's investigation to improve our network infrastructure monitoring to more quickly detect and address issues of this nature.

This is the final update for the event.

Daniel 1 Reputation point

2022-11-14T14:19:58.857+00:00

Thank you, Tim, for pursuing this with Microsoft, and sharing the answer from Microsoft as to the solution!
Sign in to comment

Share via

security certificate revoked - outlook.office365.com

49 answers