Fix: Outlook Security Certificate Cannot Be Verified Error

Kevin ArrowsUpdated on March 16, 2026
Kevin is a certified Network Engineer

The “The server you are connected to is using a security certificate that cannot be verified” error in Outlook usually appears when Outlook connects to a mail server or Autodiscover endpoint whose certificate does not match the hostname being used, or when the certificate chain is not trusted.

In most cases, this happens because the incoming or outgoing mail server name is incorrect, the hosting provider uses a different secure mail hostname than your custom domain, or Outlook is being redirected to an Autodiscover address that is not included in the certificate.

Below are the fixes that usually solve the problem, starting with the most effective ones.

1. Check the Certificate Name and Match It to the Mail Server

This is the most important check. If Outlook is connecting to a hostname that is not listed on the certificate, the warning will continue to appear until you use the correct server name or the certificate is replaced.

  1. When the warning appears, click View Certificate.
    Internet Security Warning Message
  2. Check the Issued to or certificate name shown in the certificate window.
  3. Compare that name with the incoming and outgoing mail server names configured in Outlook.
  4. If they do not match, update Outlook so it uses the hostname that matches the certificate, then test the account again.

Example: if the certificate is issued to mail.hostingcompany.com, but Outlook is configured to use mail.yourdomain.com, Outlook may reject the connection until you switch to the hostname covered by the certificate.

2. Verify the Exact Mail Server Settings with Your Email Provider

Do not guess the server names, ports, or encryption method. Even if the username and password are correct, Outlook can still trigger this warning if the account is pointing to the wrong server or using the wrong encryption settings.

  1. Open Outlook.
  2. Go to File > Account Settings > Account Settings.
  3. Select the affected account and click Change.
  4. Outlook Account Settings
  5. Verify the following with your provider or hosting company:
    • Incoming mail server name
    • Outgoing mail server name
    • Account type: IMAP or POP
    • Port numbers
    • Encryption method: SSL/TLS or STARTTLS
  6. Click More Settings > Advanced, correct the values if needed, then click OK.
  7. Outlook Email Settings

Important: avoid switching to random “fallback” ports just to suppress the warning. If the server name and certificate still do not match, the real issue remains unresolved.

3. If You Use Shared Hosting, Use the Hostname That Matches the Certificate

This problem is common on shared hosting. Many hosting companies secure mail using their own hostname, not your custom domain. If Outlook is configured to use your domain but the certificate is issued to the host’s mail server name, Outlook will show a certificate warning.

In that case, use the secure mail hostname provided by your host.

For example:

mail.hostingcompany.com

Instead of

mail.yourdomain.com

If you want to keep using mail.yourdomain.com, your host or server admin must install a certificate that includes that hostname.

4. Fix the Certificate or Autodiscover Configuration if You Manage the Server

If this is a company-managed mailbox, Microsoft 365 hybrid setup, Exchange environment, or self-hosted mail server, the issue may not be on the Outlook side at all. The warning can appear when Autodiscover DNS records or the server certificate are configured incorrectly.

If you manage the server or can contact the admin, ask them to verify:

  • the certificate includes the hostname Outlook is reaching
  • the certificate chain is trusted
  • Autodiscover is pointing to the correct endpoint
  • the server is presenting the correct certificate for mail services

If those values are wrong, the warning will keep returning even after you re-add the account.

Note: only install a certificate manually if it comes from your organization, hosting provider, or mail administrator and you know it is intended for that mail service. This is most common with self-signed or private CA environments. For normal public mail services, Outlook should usually trust the certificate automatically when the server name and certificate are configured correctly.

Kevin ArrowsUpdated on March 16, 2026
Kevin is a certified Network Engineer
ABOUT THE AUTHOR
Photo of Kevin Arrows

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.

Comments

11
    MN
    Mdu Ka Nkwali Mar 12, 2020

    Kevin, I have similar error message ‘The server you are connected to is using a security certificate that cannot be verified’ all of the above solutions doesn’t solve it, what can I do…

    Reply
      SW
      Shane Warren Author Mar 14, 2020

      While changing the “SMTP” port, select “SSL/TLS” in the Use the following type of encrypted connection option.

      Reply
    BG
    Bruce G Mar 23, 2020

    Thank you! This fixed my certificate issue. After reviewing the host cert I changed Comcast email server from imap.comcast.net to imap.email.comcast.net

    Reply
    CR
    Credo1970 Apr 22, 2020

    I came cross this problem with an old XP (Home Edition, so there is no obvious way to ‘view/edit’ certificates) laptop.My solution has been to only use the SSL based outlook express system mailer for ‘outgoing mail’. I.E. I still need the smtp part of outlook express for using things like Libre/Open Office’s attach as email option.So…keep outlook express set up, and keep it as the ‘default’ email client in the system wide (IE Browser) “Internet Settings”, but only to be used when an application wants to automatically attach a file to an email. In those cases, you’ll just get an outlook send window to address and complete your email and send it on its way. Windows will use the Outlook Express and its smtp settings to ‘send’ the email.For incoming mail I just use a TLS based pop or imap client. Thunder Bird and Opera Mail are good examples.The old laptop in question doesn’t do SSE2 instructions (an old athelon CPU), so I opted for the newest, lightest and fastest email client I could find for XP that will work on my old laptop. Turns out to be Opera Mail 1.I used links here to find the version of Opera Mail that works for my system.http://matejhorvat.si/en/un…Note the comments by the Opera Mail link that provide information and yet another link on obtaining a cipher chooser for Opera Mail (block it from trying to use older less secure protocols).

    Reply
    RD
    rob dee May 12, 2020

    Number 2 solution did it for me – after looking on many other “solutions” this one worked. Thanks!!! Why on earth my host co didn’t inform me to use their name as mail server and not my domain name I have no idea.

    Reply
    CT
    CT May 27, 2020

    This has just started happening to me this week even though I’ve been successfully using 2003 Outlook on my home Windows 10 laptop for the past year. I have just been ignoring but but it’s irritating having to click it away when I don’t know what’s causing it. I’m a bit reluctant to start changing anything until I know the reason why it’s happening. Any advice would be gratefully received.

    Reply
      SW
      Shane Warren Author May 27, 2020

      Our “What Causes” section explains some different factors that can be causing it, you can give that a read to maybe verify that any such reason might exist on your device. Don’t worry, you should be safe after changing these things since they won’t break anything further. Im here if you have any more questions.

      Reply
    PD
    Planetfair DU Jul 20, 2020

    Thanks! This helped me so much, I was pissed with the pop-up message for almost a year. And now it has been fixed after doing the 1st solution. Thanks a lot!

    Reply
    MF
    Mohamed Fat'hy Jul 4, 2021

    “Solution 4” Helped me, Thank you Mr. Kevin ♥

    Reply
    DC
    Dhan Bryan Caberte Nov 23, 2021

    hi

    Reply
    JN
    John Neale Jan 16, 2022

    Win10/11 Outlook 365 Email setup. I have an email account with Network Solutions that has worked fine with POP3. Now trying to reconfigure with IMAP. This works successfully on my Android phone with Outlook app, but on the PCs, I just get ‘server you are connected to is using security certificate that can’t be verified’. Servers are mail.nnnn.com Port 993 SSL/TLS (IMAP I/C), and smtp.nnnn.com Port 465 SSL/TLS. can you help? Unfortunately I cannot see what settings have been auto-configured on Android.

    Reply