- May 24, 2021
- Posted by: administrator
- Category: MicroSoft
The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website.
Starting at 8 AM EST today, Microsoft Exchange admins who attempted to access the admin portal at admin.exchange.microsoft.comsuddenly found that their browsers were issuing warnings that the connection was not private due to an expired SSL certificate.
Depending on the browser, users are blocked from accessing the site as a security precaution or shown an alert that the data may not be secure. For example, Google Chrome will stop you from accessing the site altogether, while Firefox will warn you about the insecure connection.
According to Qualys’ SSL Labs, the certificate expired today, Sun, 23 May 2021, at 12:00:00 UTC. For those on the east coast of the United States, that is is equivalent to Sun, 23 May 2021 08:00:00 EST.
Microsoft states that they are aware of the issue and are working on a fix.
As a temporary workaround, Microsoft states you can access the admin portal from the https://outlook.office.com/ecp/ URL as well.
Unfortunately, outages caused by expired certificates are becoming all too common as almost all online services have now switched over to secure connections.
With encrypted communications come additional complexity and human error, such as forgetting to renew an SSL certificate.
In August 2020, an expired certificate for California’s CalREDIE infectious disease reporting system led to an underreporting of COVID-19 cases in the state as data was prevented from being uploaded.
We have also seen expired SSL certificates affecting consumer-facing services, such as Spotify, Microsoft Teams, and Facebook’s Tor server.
Reached out to Microsoft to learn more about when they expect the SSL certificate to be renewed but has not heard back at this time.
NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only