You try to log on to Outlook on the web (OWA) by using the Chrome web browser while you have SSL offloading configured. In this situation, after you provide your credentials, you're redirected to a blank logon screen.


The cadata cookies (that are required for the OWA logon) are marked as SameSite=None. However, the secure tag on these cookies were set by using the IsSecureConnection API. This API returns a false status for the "SSL offloaded" case. Therefore, the cookie is rejected by Chrome because you must set a value of secure=true if SameSite=None is specified.


To fix this issue, install one of the following updates:

Cumulative Update 11 for Exchange Server 2019 or a later cumulative update for Exchange Server 2019

Cumulative Update 22 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!