I have my domain setup for use with Microsoft 365, hosted exchange. I had setup a CNAME value, not proxied that basically pointed “mail.mydomain.com” to outlook.office.com. Was working perfectly.
I don’t know when it started, but have noticed in the last day, when trying to access “mail.mydomain.com” I get an NET::ERR_CERT_COMMON_NAME_INVALID in Chrome (other browsers have issues as well). Seems to be due to the fact that the security certificate does not match one of Microsoft’s domain names. But this was working at least a week or so ago.
Most of my users access their O365 mail via web. We use “mail.mydomain.com” just for branding and everyone just remembers it (its the URL we used to use with our old on-prem system). It worked great for the past several months, not sure what changed. We have all the DNS entries Microsoft requires.
Mail is still accessible at outlook.office.com, so we are not “down”, but it would be nice for convenience to get the other URL back up and running
Kindly, check here for the steps as needed (all written how to) for the proper setup of Microsoft 365 e-mail with Cloudflare.
After you setup, wait for few minutes (approx. 15min) for changes to apply, re-check and write us back here.
Keep a note that none of the Microsoft 365 records should be proxied ( cloud), so they need to be set to DNS Only cloud.
Also, check if there are some missing records (like CNAME autoconfig, autodiscover, TXT records for SPF and other) at Cloudflare DNS dashboard and add them:
Due to this error - while it is for mail.yourdomain.com, here is an article which could indicate why you got it.
Maybe now when you have all configured, the SSL certificate needs to be renewed (automatically or manual trigger) or I do not know at this moment (depends how Microsoft 365 works).
Kindly, be patient maybe it fixes itself with some time, or someone else can reply with more experience
I guess at this point I will wait a day or so and see what happens, as I’ve said nothing has changed on my end…and the direct URL to Outlook webmail works fine (and mail flow is working fine).
Just seems to be some type of SSL/certificate conflict with my CNAME definition and Microsoft.
Are you sure Outlook application is configured to connect to the ‘mail’ subdomain to send and receive email? What error are you seeing?
What erros do you have?
Or try using a Dedicated SSL certificate from Cloudflare.
Your “mail” DNS entry should be set to .
Did Microsoft 365 issued you an SSL certificate for your hostname/domain?
Or try to change the CNAME (remove it) and then add new A mail and point it to your server’s IP cloud (DNS only) - if that could work with Microsoft 365 from the previous reply including how to setup the DNS records.
Moreover, if few days already passed, at this point I believe you will also need to contact your mail host. Cloudflare is only providing DNS for that hostname.
Regarding the Webmail hostname if you are accessing it via an CNAME record, and if it has had an HTTPS connection (have had an SSL certificate), you should have it and also selected Full SSL under SSL tab at your Cloudflare dashboard for your domain.
Otherwise, try with for it too and see what happens.
Moreover, what is your domain name?
Can you post a screenshot of your DNS records here?
DNS only or if you are using a third-party (external) email service via CNAME.
cloud), so they need to be set to DNS Only 