Security

Connectivity checker trips browser alarms thanks to lapsed security paperwork

Microsoft appears to have dropped the ball with its certificate management after a domain used by sysadmins worldwide to test connectivity to Microsoft 365 started throwing untrusted connection warnings in browsers.

The connectivity.office.com domain is used by IT pros to test their network's connectivity to Microsoft 365 and ensure their firewalls aren't blocking anything that could affect an organization's access to Microsoft servers.

An SSL server report retrieved on Monday showed that the certificate expired on June 14 after last being renewed on December 16, 2025.

At the time of writing, 35 hours have passed since the certificate expired, and Microsoft has still not renewed it, despite many in the IT community making their opinions on the matter known.

Certificate renewals are often automated in this day and age, but in organizations still relying on manual processes, those responsible for renewals would almost certainly have received multiple alerts warning of the impending expiration.

It suggests that something, or someone, involved in the certificate-renewal process at Microsoft has messed up.

The Register contacted Redmond for a response. The company's publicists acknowledged the request for comment but did not return one in time for publication.

The fallout could have been much worse. Browser warnings on a network diagnostic tool are irritating, but hardly catastrophic compared with the same thing happening to login.microsoft.com or another critical service.

Teams users may remember the collaboration platform abruptly deciding to take Monday off in 2020, after an authentication certificate expired, for example.

Whatever went wrong here, Microsoft will have to tighten its processes before shorter certificate lifespans arrive in the coming years.

As of March 26, new SSL/TLS certs will have a maximum lifespan of 200 days. This is set to decrease to 100 days by March 15, 2027, and then to 47 days two years later. ®