Outlook récupération sur un pc Microsoft office365, erreur sur chargement des emails reçus ou envoyés

Veuillez remplir les champs ci-dessous pour que nous puissions vous aider. Remarque : vous devez fournir votre nom de domaine pour obtenir de l’aide. Les noms de domaine des certificats émis sont tous rendus publics dans les journaux de Transparence de Certificat (par exemple, crt.sh | example.com). Par conséquent, le fait de ne pas indiquer votre nom de domaine ici n’aide pas à le garder secret, mais rend plus difficile pour nous le fait de vous aider.

Je peux lire des réponses en Anglais :oui

Mon nom de domaine est :autisme-espoir.org

J’ai exécuté cette commande :Lire mes mails en utilisant microsoft Outlook

Elle a produit cette sortie :Le serveur auquel vous êtes connecté utilise un certificat de sécurité impossible à vérifier : le nom de la cible n'est pas correct. Voulez vous continuer à utiliser ce serveur ?

Mon serveur Web est (inclure la version) :Linux obsidian 18.0.33

Le système d’exploitation sur lequel mon serveur Web s’exécute est (version incluse) : php 7.4.33

Mon hébergeur, le cas échéant, est :OVH

Je peux me connecter à un shell root sur ma machine (oui ou non, ou je ne sais pas) :oui

J’utilise un panneau de configuration pour gérer mon site (non, ou fournit le nom et la version du panneau de configuration) :Plesk

Mon problème est sur la récupération des emails depuis un pc client sous Microsoft 10 et office 365. une fenètre d'erreur apparit en français et je suis obligé de la valider à chaque ouverture de Outlook.
merci pour votre aide

Hi @BrunoSchouler, and welcome to the LE community forum

Sorry for my lack of French.

Can you show the cert being served?
What is the expected name by the Outlook client?
Does the email server use Plesk?

I see a cert that covers:

DNS Name=autisme-espoir.org
DNS Name=webmail.autisme-espoir.org
DNS Name=www.autisme-espoir.org

If Outlook is using some other name, it must be added to the cert.

Hello
Thanks for information
we use "mail.autisme-espoir.org" and imap.autisme-espoir.org for outlook connection
so do I have to add these two domain to cert ?
If yes, can you expalin how
Best regards

image1342×619 65.4 KB

Also
You tell me to show what cert is on the web server
here are information of what we have now :

image1342×619 56.3 KB

image434×533 14.9 KB

Yes.

Yes, the cert shown may be the "default" cert used when a name can't be matched.
I would add the names first and see if that fixes things.

Hello

Our let's encrypt certificate is the default certificate provided by OVH.

It does not seem possible to add a mail.autisme-espoir.org and/or imap.autisme-espoir.org domain.

In this case, it would be necessary to use its paid version.

Why not ?

But I would like to be sure that this will solve this popup problem

OVH makes you pay for including a few more hostnames in a free Let's Encrypt certificate?

My advice? Change hosting provider if that's really true

Can they assist/instruct you in obtaining a wildcard certificate [for FREE]?

They do not really assist, yes OVH is bad on service. A question to you I have checked my connexion from Microsoft Outlook by using webmail.autisme-espoir.orgl instead of mail.autisme-espoir.org., and the mail come into my outlook mailbox !
But the message in the alert box does not show the actual certificate !
How could I refresh this in order he right certificate would be read.
on server, it's written 14/01/2023 for expiration, and in outlook it says valid date from 01/02/2021 to 02/05/2021
why this old certificate is it loaded ?
Thanks for help
Best regards
Bruno

image443×537 16.8 KB

And how could I update this in order to have m'y Outlook safe ? Have you an idea ?

Either add the name(s) to the certificate
OR
Switch Outlook to use an existing name already on the certificate

Yes I did it with webmail.autisme-espoir.org.
The mail Come in Outlook, but the pop-up still indicate the certificate error date. I look for thé way to refresh it.
Have you an idea ?

Hello
Still my problem of read error in outlook with certificate let's encrypt
I found a way to install the certificate in outlook, but the password of let's encrypt certificate created when exporting was not give'n to me on my plesk server !
How can I have this password ?
Thanks for help

Hold on, what do you mean "install"?

Hello

In outlook, they speak about import certificate : list here and in yellow at the bottom…

Thanks for help

Once your Outlook software is open:

Click "File"

Click on "Options"

In the window that appears, click on "Privacy Center"

Click on "Trust Center Settings"

Click on "Email Security"

Click on the "Import/Export" button

In the pop-up that appears, click on "Browse" and find your certificate in PKCS12 (.pfx) format. Also fill in the password.

Thanks, I don't think that's a solution because you would need to import your certificate on all clients every 90 days. The correct solution is to ensure your server certificate includes all of the names clients will connect with. Some service types don't support multiple subject alternative names, so depending on the service you may need more than once certificate (one for each service).

While http validation (using your web server to get your cert) is often the easiest method, this doesn't work for certs not hosted on that server, so you may want to look into DNS validation for certs for services hosted on other server, or use http validation on those servers as well.

Yes thanks, understand your advice.

We have moved to webmail.autisme-espoir.org, and this works about the possibility to get emails in outlook from our web server.

But I have still the error message about the dates in Outlook

Maybe, I have to reboot the web server ?

What do you think ?

Thanks a lot for your help

Best regards

Then the server is still serving the wrong certificate.