Exchange/Outlook — There is a Problem with The Proxy Server’s Security Certificate

Exchange/Outlook — There is a Problem with The Proxy Server’s Security Certificate [Fix]

Published on: April 18, 2023
Last Updated: April 18, 2023

Exchange/Outlook — There is a Problem with The Proxy Server’s Security Certificate [Fix]

Published on: April 18, 2023
Last Updated: April 18, 2023

Issue

What is this issue Outlook account holders are facing?

Microsoft Outlook works fine when you use a proper SSL certificate.

But the problem arises when you replace that SSL with a single server certificate. This stops you from accessing your Outlook account using HTTP Proxy Method.

You receive an error and Microsoft asks you for a password, telling you that there’s a problem with your security certificate or the name on the certificate doesn’t match the new target site webmail.domain.com.

Let’s solve this issue by the following method.

exchange-outlook

Resolution

The good news is if you use Outlook 2010 or Outlook 2013, you can manually change Exchange Proxy Settings.

So, how can you do this?

  • Open Outlook and navigate to the Account Settings.
  • Then, go to Connection > Exchange Proxy Settings.
  • Now, look for “Only connect to proxy servers that have this principal name in their certificate.”
  • Replace “most:.domain.com” with “most:webmail.domain.com”
exchange-outlook

This method doesn’t work with Microsoft Outlook 2016 because it uses Exchange auto- discover to configure Exchange accounts.

If you use Outlook 2016, you need to make sure that MS Exchange auto-discover pushes the correct certificate principal name.

You can do this by:

  • Logging into Exchange and starting the Management Shell.
  • Now, run the command: Get – OutlookProvider -Identity EXPR I fI
    After doing this, check for the values.
  • CertPrincipalName – This must have the correct SSL certificate common/Principal name following the format: msstd:webmail.domain.com
  • You can leave the “Server” space blank.
  • But sometimes the problem persists when the server’s name is incorrect.
  • If this happens, run the command: Srt-OutlookProvider -id EXPR -Server
    “servername” – certPrincipalName “most:webmail.domain.com”
  • And if the server isn’t blank, then run the following command: Set-OutlookProvider -id EXPR -server $null
  • You can do all this, but sometimes Outlook 2016 won’t update an existing account with a new certificate name.
  • So, what can you do?
  • The best method is to dismiss all errors and add the same Outlook account again. This will update the existing settings.

Conclusion

There you have it. Now you know how to solve the issue when Outlook displays an error and restricts you from accessing your account.

These methods work effectively, but if they don’t help, you can add the same Exchange account again.

Stay on top of the latest technology trends — delivered directly to your inbox, free!

Subscription Form Posts

Don't worry, we don't spam

Written by Trevor Cooke

Trevor Cooke is an accomplished technology writer with a particular focus on privacy and security. He specializes in topics such as VPNs, encryption, and online anonymity. His articles have been published in a variety of respected technology publications, and he is known for his ability to explain complex technical concepts in a clear and accessible manner.