Internet Related/Filtering/Firewall Thread, Office365 certificate for my students email in Technical; I was wondering what i need to do get round this problem with the certificate error for my students email ...
15th January 2013, 11:06 AM #1
Office365 certificate for my students email
I was wondering what i need to do get round this problem with the certificate error for my students email domain hosted with office365?
Is there anything i need to do?
27th February 2013, 10:13 PM #2
Just thought id bump this.
I spoke to ms a few weeks ago and they said i needed to purchase a certificate for my office365 users as i cannot use https://mail.students.domain.co.uk anymore. I have to ude http://mail.students.domain.co.uk instead.
I hsve configured at the moment for my domain...
students MX 10 9cafcbcea75646bd283ebf9fb82716.mail.outlook.com
students TXT v=msv1 t=9cafcbcea75646bd283ebf9fb82716
students TXT v=spf1 includeutlook.com ~all
autodiscover.students CNAME autodiscover.outlook.com
mail.students CNAME outlook.com
webmail.students CNAME outlook.com
Does this look correct to anyone that knows? It was working then suddenly one day it just stopped with a certificate error
You attempted to reach mail.students.domain.co.uk, but instead you actually reached a server identifying itself as outlook.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of mail.students.domain.co.uk.
You should not proceed, especially if you have never seen this warning before for this site.
if i ignored it and tried to log on as administrator it would say the servers are unable to be contacted at this time.
If any knows what i need to do let me know.
27th February 2013, 11:19 PM #3
So are you trying to keep the OWA URL using your private domain name? I assume you have create a CNAME which points to outlook.com/tenancy.onmicrosoft.com ?
I have a simple CNAME entry - outlook.domain.tld which has a Canonical Name of outlook.com
if i browse to http://outlook.domain.tld then it presents me with my ADFS Authentication Page, I Login and then it redirects me to my Outlook Web Access.
I assume, your not using SSO?
Last edited by EduTech; 27th February 2013 at 11:29 PM.
28th February 2013, 11:31 AM #4
In response to your questions, Yeah, im trying to keep my domain but have "mail.students" sub domain point to outlook.com if that makes sense as i can get http://mail.students.domain.co.uk to work but not https://mail.students.domain.co.uk and no, im not using SSO.
As for accessing outlook.com, my administrator account cannot access outlook.com
I think i have just found my problem. I have checked my DNS settings on office365 and ive got the following:
The following DNS records must be configured at your DNS hosting provider. The records that you configure depend on the domain purpose that you set.
View DNS records
Need help adding these records? See step-by-step instructions for creating DNS records at popular DNS hosting providers. Exchange Online
The DNS records for Exchange Online are correctly configured with your domain registrar.
Type Priority Host name Points to address TTL
MX 0 @ students-domain-co-uk.mail.eo.outlook.com 1 Hour
CNAME - autodiscover autodiscover.outlook.com 1 Hour
Type TXT Name TXT Value TTL
TXT @ v=spf1 include:spf.protection.outlook.com -all 1 Hour
So if i tell my ISP that i need to change my DNS settings to the ones configured in here as the earlier ones arent working correctly this should sort the problem out?
Last edited by timbo343; 28th February 2013 at 11:33 AM.
28th February 2013, 11:35 AM #5
If the DNS Records in your portal have not been setup, or are incorrect in anyway then you need to ensure you rectify this.
Originally Posted by timbo343
In all honesty you probably won't get https to work, because your domain name won't be in the public certificates that microsoft use for obvious reasons, you browse using http and when it redirects to outlook.com it will then redirect to 443 secure connection. If you try and do this on your own domain using a https connection first then it just is not going to work!...
Last edited by EduTech; 28th February 2013 at 11:54 AM.
Thanks to EduTech from:
timbo343 (28th February 2013)
28th February 2013, 09:38 PM #6
Is there anything wrong with browsing over HTTP if when you get to the sign in it's switching you to the HTTPS?
28th February 2013, 09:47 PM #7
I saw that was happening too but havent really had time to post that.
28th February 2013, 09:50 PM #8
you don't type any information in until the the browser has changed into a secure connection, you have no way of using the private domain in the way you want proper secure connection using a CNAME DNS Record.
If you browse via HTTPS initially Office 365 won't recognize the CNAME in the headers, because it's encrypted. you have no chance of MS adding your private domain into their SSL Certificates. Browse via HTTP initially to initiate the request, it redirects when it hits outlook.com and then your on a secure connection, type in your credentials and then happy days!
Last edited by EduTech; 28th February 2013 at 09:52 PM.
By gtg93 in forum Windows
Last Post: 26th July 2013, 02:20 PM
By pete in forum MIS Systems
Last Post: 28th September 2011, 12:57 PM
By Norphy in forum How do you do....it?
Last Post: 10th November 2006, 12:24 AM
By andy in forum School ICT Policies
Last Post: 4th July 2005, 09:14 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)