X
<svg class="herion-back-to-top"><g><line x2="227.62" y1="31.28" y2="31.28"></line><polyline points="222.62 25.78 228.12 31.28 222.62 36.78"></polyline><circle cx="224.67" cy="30.94" r="30.5" transform="rotate(180 224.67 30.94) scale(1, -1) translate(0, -61)"></circle></g></svg>
X
We use cookies to personalize website content, to analyze our traffic, and to improve your site experience. By using this website you accept our Privacy Policy.  Read

Outlook The Security Certificate Was Issued By A Company You Have Not Chosen To Trust · No Sign-up

Resolved: "The Security Certificate Was Issued by a Company You Have Not Chosen to Trust" in Outlook Introduction: The Frustrating Pop-up That Disrupts Your Workflow Imagine you are in the middle of a busy workday. You open Microsoft Outlook to check your email, expecting a seamless experience. Instead, you are greeted by a daunting security alert: "The security certificate was issued by a company you have not chosen to trust. This server's name does not match the server's certificate." For many users, this message is confusing and alarming. It sounds like a serious security breach. For IT administrators, it is a repetitive nuisance that plagues remote users and mobile devices. This error prevents Outlook from connecting to your mail server (usually Microsoft Exchange or Office 365) until you manually click "Yes" or "Continue." But why does this happen? Is your data at risk? How do you fix it permanently? In this article, we will dissect the technical meaning of this certificate error, explore the 5 most common causes, and provide step-by-step solutions for Windows, Mac, and mobile versions of Outlook.

Part 1: Understanding the Error – What Is Outlook Actually Telling You? To fix this problem, you must first understand the technology behind it. Outlook uses SSL/TLS certificates to encrypt communication between your computer and the email server. Think of a certificate as a digital passport. It proves that the server you are connecting to is the legitimate owner of the domain (e.g., mail.yourcompany.com ). When Outlook displays "The security certificate was issued by a company you have not chosen to trust," it is performing three specific checks—and one of them has failed:

The Trust Chain (Issuer Check): Outlook checks if the certificate was issued by a Certificate Authority (CA) that is in your computer’s "Trusted Root Certification Authorities" store. If you see a "company you have not chosen to trust," it means the CA (e.g., a self-signed certificate or an internal corporate CA) is not on Microsoft’s default list of trusted issuers (like DigiCert, Let's Encrypt, GlobalSign).

The Common Name (CN) Match: Outlook checks if the domain name in the certificate matches the server address you typed. For example, if the certificate says CN=mail.local but you are connecting to outlook.office365.com , the match fails. Resolved: &#34;The Security Certificate Was Issued by a

The Expiration Date: If the certificate is expired, you will also get a related error (though not always identical).

The Bottom Line: This error is Outlook’s way of saying, "I cannot verify that this server is safe because I don't trust its ID card."

Part 2: The 5 Most Common Causes (And Why They Happen to You) Not all certificate errors indicate a hacker attack. In fact, over 90% of these errors in corporate environments are due to configuration mistakes. Here are the five typical scenarios: 1. Self-Signed Certificates (The #1 Cause) Small businesses often set up their own Exchange Server and generate a "self-signed" certificate instead of buying one from a public CA. Since Microsoft didn't issue that certificate and no public authority vouched for it, Outlook refuses to trust it by default. 2. Internal Certificate Authority (Corporate CA) Large organizations run their own internal CA (e.g., Windows Server Active Directory Certificate Services). They issue certificates to internal servers. If your home computer or a non-domain-joined device tries to connect, it won’t have that company’s root CA certificate installed. 3. Mismatched Server Name (Autodiscover Hell) Outlook uses an automatic configuration process called Autodiscover . It tries multiple URLs ( autodiscover.yourdomain.com , yourdomain.com , etc.). If your Exchange server’s certificate only covers mail.yourdomain.com but Outlook tries server123.internal.local , you get the name mismatch error. 4. Outdated Root Certificates on Windows/Mac Every operating system includes a list of trusted root certificates that updates automatically via Windows Update. If your computer hasn’t received updates for months (or years), it may not trust newer CAs like Let's Encrypt R3 or newer DigiCert roots. 5. Man-in-the-Middle (MITM) Attack or Corporate Proxy This is the rare, dangerous scenario. A malicious actor (or an overzealous corporate firewall using SSL inspection) intercepts your traffic and presents its own certificate. If you see this error unexpectedly on a public Wi-Fi network, do not click "Yes" —close Outlook immediately. This server&#39;s name does not match the server&#39;s

Part 3: Step-by-Step Fixes for Windows Outlook Let’s move from quick workarounds to permanent solutions. The correct fix depends on your environment (home vs. corporate). Fix #1: The Temporary Workaround (Not Recommended for Long-Term) If you are in a hurry and know the server is safe (e.g., your IT team confirmed they use a self-signed cert), you can click "Yes" or "Continue" on the pop-up. However, you will see the prompt again every time you restart Outlook or after a few hours. Better temporary method: Check the box that says "Don't show me this warning again for this certificate" (available in older Outlook versions). In newer versions, this option is often missing. Fix #2: Install the Missing Root Certificate (For Self-Signed or Internal CA) This is the permanent fix for self-signed or corporate CA errors. Step-by-step:

Contact your IT team and request the root certificate file (usually a .cer or .crt file). Save the file to your desktop. Double-click the file → Click "Install Certificate" . Select "Local Machine" (requires admin rights) or "Current User" . Choose "Place all certificates in the following store" → Click Browse . Select "Trusted Root Certification Authorities" → Click OK . Finish the wizard and restart Outlook.

Fix #3: Correct the Server Name in Outlook Account Settings If the error mentions a name mismatch, you need to align Outlook’s connection settings with the certificate. This error prevents Outlook from connecting to your

Open Outlook → File → Account Settings → Account Settings . Select your email account → Click Change . Click "More Settings" → Go to the Connection tab. Check the box: "Connect to Microsoft Exchange using HTTP" (if applicable). Under "Exchange Proxy Settings," ensure the URL exactly matches the name on the certificate (e.g., mail.company.com , not legacy.company.com ). Also check the Server field in the main settings. If your server is oldserver.local but the certificate is for newserver.company.com , ask your admin to reconfigure the certificate or update Outlook’s server profile.

Fix #4: Update Windows Root Certificates Run Windows Update to ensure your trusted root list is current.

Wavelet Audio Logo

YT   IG   FB

Subscribe to never miss an update

Subscribe

Privacy Policy   Terms and conditions   Contact Us   FAQ

© 2026 Wavelet Audio | 111100 Kostanay, Sadovaya 100K, Kazakhstan

This site is owned and operated by Evgeny Emelyanov | | +79181336877

Privacy Policy   Terms and conditions   Contact Us   FAQ

© 2026 Wavelet Audio