Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
amateolo
New Contributor II

Created on ‎03-10-2016 09:25 AM

Outlook warning certificate

Hi experts,

I have a problem with the explicit proxy.

I do not stop out in the notice outlook attached.

I have enabled SSL inspection to filter https proxy.

Can you help me or give me some idea?

Regards.

Sin título.jpg
Preview file
122 KB
30864
8 REPLIES 8
SteveRoadWarrior
New Contributor III

Created on ‎03-10-2016 01:01 PM

you may be able to resolve this one of two ways:

 

1. in the web filter profile, exclude filtering for the mail.[   ].com domain.  We've seen this fix dropbox issues before.

2. in AD group policy, make a new group policy which deploys the SSL Certificate used by the Fortigate.  Deploy it as trusted and the workstations will believe they're talking to the real server.  A word of caution, depending on how the SSL Certificate snooping is configured, users may not realize they're talking to a fake site because the Fortigate is re-signing everything as trusted.  So you may want to leave disabled the feature which allows users to see sites with bad SSL certificates.

 

14623
0 Kudos
amateolo
New Contributor II
In response to SteveRoadWarrior

Created on ‎03-10-2016 01:17 PM

Hi Steve,

 

Thanks for answering.

 

I think the right way would be 1, since the road 2've done, installing the certificate on my own workstation and that message keeps coming every 2 or 3 hours.

The problem comes if you use explicit proxy, when I get the warning active

If I allow the https traffic in the political ipv4 not get the error.

 

What would be the process to create the ssl inspection exepcion not?

 

If you need more information, I sent you.

 

thank you.

14622
0 Kudos
SteveRoadWarrior
New Contributor III
In response to amateolo

Created on ‎03-10-2016 01:24 PM

Perhaps you can make an IPv4 firewall policy and place it above the normal internet access policy.

Inside that policy make the following settings:

- from [your LAN]

- to [IP address of the mail server]

enable NAT, but do not enable SSL Cert, do not enable Web Filtering

 

14622
0 Kudos
amateolo
New Contributor II
In response to amateolo

Created on ‎03-11-2016 01:09 AM

Hi,

 

The problem does not have to ipv4 policy.

I have it with explicit web.

I tried to make exceptions to the mail domain name, but does not work.

attached

 

Regards

proxy_explicit.jpg
Preview file
97 KB
14621
0 Kudos
redasodexo
New Contributor

Created on ‎03-17-2016 04:49 AM

hi all

have seam issue with outlook in my domain since have introduce fortigate 100d but finally i have allowed http over proxy  or outlook web access from application control in mail section

14621
0 Kudos
jiggyjiyane
New Contributor
In response to redasodexo

Created on ‎01-22-2019 02:14 AM

Hi

 

I experienced the same issue, and fix was to put in the Proxy FQDN and Realm... E.g Proxy for company named Example

 

Proxy FQDN = proxy.example.co.za

Realm = example.co.za

 

 

 

 

14621
0 Kudos
rocky700
New Contributor

Created on ‎01-25-2019 12:02 AM

The outlook is doing every process to make it secure and the warning certificate is also an example of that. The thing is that it has to be done to make the email scam and hacking preventive.

ERROR CODE 0XC0000428

ERROR CODE 0XC0000428
14621
0 Kudos
markssmith500
New Contributor

Created on ‎10-15-2022 11:43 AM

You can easily fix your Outlook certificate error by verifying the certificate name in Outlook, using unsecure port, and using the hosting domain name as mail server name. You can also fix Outlook invalid certificate issue by changing in the Outlook outgoing SMTP port settings.

10634
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.