Error message when Outlook tries to connect to a server by using an RPC connection or an HTTPS connection: "There is a problem with the proxy server's security certificate"

Article translations Article translations
Article ID: 923575 - View products that this article applies to.
Expand all | Collapse all

On This Page

Symptoms

When Microsoft Outlook tries to connect to a server by using a remote procedure call (RPC) connection or a secure HTTP (HTTPS) connection, you receive one of the following error messages:
  • Error message 1
    There is a problem with the proxy server's security certificate, %s. Outlook is unable to connect to this server. (%s)
  • Error message 2
    There is a problem with the proxy server's security certificate, %s. The name on the security certificate is invalid or does not match the name of the site. Outlook is unable to connect to this server. (%s)
  • Error message 3
    There is a problem with the proxy server's security certificate, %s. The security certificate is not from a trusted certifying authority. Outlook is unabletoconnect tothis server.(%s)"
  • Error message 4
    There is a problem with the proxy server's security certificate. The name on the security certificate is invalid or does not match the name of the target site outlook.office365.com. Outlook is unable to connect to the proxy server (Error Code 0)
Notes about the error messages
  • The %s placeholder is the Outlook profile property 001f6622. This is the Microsoft Exchange Server RPC proxy server name.
  • The (%s) placeholder is the error code.

    For error message 1 and error message 2, the error code that is returned is the sum of all the bitmask certificate problem codes. See the "More Information" section for information about the bitmask certificate problem codes.

    For error message 3, the error code is expected to always be 0x00000008.

Cause

This issue may occur if one or more of the following conditions are true:
  • The connection to the server requires a certification authority (CA).
  • You have not trusted the certification authority at the root.
  • The certificate may be invalid or revoked.
  • The certificate does not match the name of the site.
  • A third-party add-in or a third-party browser add-in is preventing access.

Resolution

To resolve this issue, use one of the following methods, as appropriate for your situation.

Method 1: Examine the certificate

Use this method if you receive either error message 1 or error message 2. Examine the certificate. Then, contact your system administrator to resolve this issue.

To examine the certificate, follow these steps:
  1. In Microsoft Internet Explorer, connect to the RPC server or to the secure server. For example, type https://www.server_name.com/rpc in the Address bar of the Web browser, and then press ENTER.

    Note The server_name placeholder references the RPC server name or the secure server name.
  2. Double-click the padlock icon that is located in the lower-right corner of the Web browser.
  3. Click the Details tab.
  4. Note the information in the following fields:
    • Valid to
      The Valid to field indicates the date until which the certificate is valid.
    • Subject
      The data in the Subject field should match the site name.

Method 2: Install the trusted root certificate

Use this method if you receive error message 3. To install the trusted root certificate, follow these steps:
  1. Click Install Certificate when you are prompted with the Certificate dialog box.
  2. Click Next.
  3. Click to select the Place all certificate in the following store check box.
  4. Click Browse.
  5. Click Trusted Root Certification Authorities, and then click OK.
  6. Click Next.
  7. Click Finish.
  8. Click OK.

Method 3: Disable the third-party add-in or the third-party browser add-in

Use this method to disable the third-party add-in or third-party browser add-in if you receive error message 4.
Disable third-party add-ins
  1. Start Outlook in safe mode to help isolate the issue. To do this, click Start, click Run, type outlook.exe /safe, and then click OK.

    If Outlook successfully starts in safe mode, the issue that you're experiencing may be caused by a third-party add-in.
  2. Check for third-party COM add-ins and disable them. To do this, follow these steps:
    1. On the File menu, click Options, and then click Add-Ins.
    2. In the Manage box, click COM Add-ins, and then click Go.
    3. Click to clear the check box next to the third-party add-ins that you want to disable.
    4. Restart Outlook.
    For more info, see the "Step 6: Start Outlook in safe mode" section of the following Microsoft Knowledge Base article:
    2632425 How to troubleshoot crashes in Outlook 2010 and Outlook 2013
Disable third-party browser add-ins
Outlook uses Internet Explorer settings for HTTP requests. If a third-party browser add-in is causing this issue, disable it in Internet Explorer. For steps on how to do this, see the "Disable add-ons in Internet Explorer" section of the following Microsoft Knowledge Base article:
956196 "Internet Explorer cannot display the webpage" error

More information

The bitmask certificate problem codes are listed in the following table.
Collapse this tableExpand this table
DescriptionError code
FLAG_CERT_REV_FAILED0x00000001
FLAG_INVALID_CERT0x00000002
FLAG_CERT_REVOKED0x00000004
FLAG_INVALID_CA0x00000008
FLAG_CERT_CN_INVALID0x00000010
FLAG_CERT_DATE_INVALID0x00000020
FLAG_CERT_WRONG_USAGE0x00000040
FLAG_SECURITY_CHANNEL_ERROR0x80000000

Properties

Article ID: 923575 - Last Review: July 15, 2014 - Revision: 5.0
Applies to
  • Microsoft Outlook 2013
  • Microsoft Outlook 2010
  • Microsoft Office Outlook 2007
  • Microsoft Exchange Online
Keywords: 
kbtshoot kberrmsg kbexpertisebeginner kbprb o365 o365a o365e o365p o365m o365022013 KB923575

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com