Exchange/Outlook — There is a Problem with The Proxy Server’s Security Certificate [Fix]

Last Updated: September 28, 2021

Jason

Jason

You receive an error and Microsoft asks you for a password, telling you that there’s a problem with your security certificate or the name on the certificate doesn’t match the new target site webmail.domain.com.
Exchange/Outlook — There is a Problem with The Proxy Server’s Security Certificate
EarthWeb is reader-supported. When you buy through links on our site, we may earn an affiliate commission.

Issue

What is this issue Outlook account holders are facing?

Microsoft Outlook works fine when you use a proper SSL certificate.

But the problem arises when you replace that SSL with a single server certificate. This stops you from accessing your Outlook account using HTTP Proxy Method.

You receive an error and Microsoft asks you for a password, telling you that there’s a problem with your security certificate or the name on the certificate doesn’t match the new target site webmail.domain.com.

Let’s solve this issue by the following method.

exchange-outlook

Resolution

The good news is if you use Outlook 2010 or Outlook 2013, you can manually change Exchange Proxy Settings.

So, how can you do this?

  • Open Outlook and navigate to the Account Settings.
  • Then, go to Connection > Exchange Proxy Settings.
  • Now, look for “Only connect to proxy servers that have this principal name in their certificate.”
  • Replace “most:.domain.com” with “most:webmail.domain.com”
exchange-outlook

This method doesn’t work with Microsoft Outlook 2016 because it uses Exchange auto- discover to configure Exchange accounts.

If you use Outlook 2016, you need to make sure that MS Exchange auto-discover pushes the correct certificate principal name.

You can do this by:

  • Logging into Exchange and starting the Management Shell.
  • Now, run the command: Get – OutlookProvider -Identity EXPR I fI
    After doing this, check for the values.
  • CertPrincipalName – This must have the correct SSL certificate common/Principal name following the format: msstd:webmail.domain.com
  • You can leave the “Server” space blank.
  • But sometimes the problem persists when the server’s name is incorrect.
  • If this happens, run the command: Srt-OutlookProvider -id EXPR -Server
    “servername” – certPrincipalName “most:webmail.domain.com”
  • And if the server isn’t blank, then run the following command: Set-OutlookProvider -id EXPR -server $null
  • You can do all this, but sometimes Outlook 2016 won’t update an existing account with a new certificate name.
  • So, what can you do?
  • The best method is to dismiss all errors and add the same Outlook account again. This will update the existing settings.

Conclusion

There you have it. Now you know how to solve the issue when Outlook displays an error and restricts you from accessing your account.

These methods work effectively, but if they don’t help, you can add the same Exchange account again.

Written by Jason

Hi! I’m the editor at EarthWeb. I have a deep interest in technology and business. I also enjoy testing products out. Contact me to be featured!

Latest Stories

Get the latest from EarthWeb!

Don't worry, we don't spam