Error from testconnectivity.microsoft.com

Website, Application, Performance DNS & Network
1

I’m getting an error when testing from the testconnectivity site at microsoft. Below is the error message. Any ideas?

Additional Details
A redirect response was received, but only HTTPS redirect URLs are supported in response to a POST request. The URL that was received was http://www.xxxxx.com/Autodiscover/Autodiscover.xml.
HTTP Response Headers:
Transfer-Encoding: chunked
Connection: keep-alive
pragma: no-cache
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri=“report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
Report-To: {“endpoints”:[{“url”:“https://a.nel.Cloudflare.com/report/v3?s=YnFbljPH2LTj2WmndOWnigk1d3RAJPia2qirLV0WIv2E3LyC887XvOtvpljzVKFYO%2FNaexnZK0dv5l0Ph0nx694mpYjJ3iuK6CszPjAwLxO3%2BH%2Fbp7phqp2yaJBX4Aql6s2a%2B2MkAMU%3D”}],“group”:“cf-nel”,“max_age”:604800}
NEL: {“success_fraction”:0,“report_to”:“cf-nel”,“max_age”:604800}
CF-RAY: 6806542c0edf2be7-ORD
alt-svc: h3-27=“:443”; ma=86400, h3-28=“:443”; ma=86400, h3-29=“:443”; ma=86400, h3=“:443”; ma=86400
Cache-Control: no-cache
Cache-Control: must-revalidate
Cache-Control: max-age=0
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Aug 2021 22:27:16 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: .xxxx.com/Autodiscover/Autodiscover.xml
Set-Cookie: PHPSESSID=kh2mlgdacr30munh3lotl514d1; path=/
Server: Cloudflare
X-Powered-By: PHP/7.0.33

2

An redirect like from HTTP to HTTPS?
May I ask what SSL option have you got selected for your domain at SSL/TLS tab on Cloudflare dashboard (Flexible, Full, Strict …)?

Does it work when you temporarly make this DNS record :grey: cloud (unproxied)?

While visiting https://xxxxxx.com/Autodiscover/Autodiscover.xml, I got shown the homepage - without any redirect in the headers.
May I ask, shouldn’t it load the physical file from the server instead?
Also, is the file actually existing one at the origin host/server?

Furthermore, from my experience the autoconfig and autodiscover sub-domains which I use are both CNAME type pointed to my mail.domain.com (covered by an SSL certificate) and both of them (including A record mail.domain.com) set on :grey: cloud.

  • mail.domain.com is pointed to my server IP (unproxied, :grey: cloud)
  • MX record for the domain.com is using mail.domain.com

Nevertheless, I use Let’s encrypt SSL certificate for mail.mydomain.com which works okay even with multiple domains on it (SNI), while for my naked domain.com and www.domain.com I use Cloudflare Origin CA certificate with the SSL option which is being set on Full (Strict) SSL.

Furthermore, may I ask what Outlook client version are you using?
If 2013, unfortunately, as far as I seen, even on older ones like Windows XP (not even supporting TLS v1.2 without Service Pack installed), you would have some issues due to the connection to your e-mail server as the SNI is being present in the SSL certificate (from Cloudflare) while having the :orange: cloud.

Please check the Exchange Certificate to make sure sub.xxxxxx.com, xxxxxx.com and www.xxxxxx.com is included.

  • it could be also if using :orange: cloud as it would end up with the different IP (Cloudflare one) as your Exchange server is it so it could not work either …

If so, better approach, using some sub-domain for this situation. Secure it with SSL. Try to connect over it - test while having it :grey: and :orange: (again, check your SSL/TLS tab).

3

I’m really sorry, I replaced our domain with the xxxx stuff. Can’t believe it converted to a porn site. So Even if I turn off the proxy it doesn’t work. Using testconnectivity.microsoft.com my activsync even fails now on the SSL… That piece was passing yesterday… ugh.

4

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.