office.outlook.com and smtp.office365.com SSL Certificate Random Changes between calls
Faced a similar issue today. I could not find a complete list of cert used by MS O365.
Closest is this Exchange Online/Office 365 SSL certificate info, but seems outdated: https://technet.microsoft.com/en-us/library/mt163898.aspx
Here a list of IP and URL: https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2
(here as RSS: https://support.office.com/en-us/o365ip/rss)
I btw, use SMTP send via JAVA and need to trust every cert. as of today I found smtp.office365.com:995 uses
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
81:B6:8D:6C:D2:F2:21:F8:F5:34:E6:77:52:3B:B2:36:BB:A1:DC:56
Valid from Aug 4, 2015 to Aug 4, 2030.
Here the output from openssl
|ts@nix:~$ echo | openssl s_client -showcerts -servername smtp.office365.com -connect smtp.office365.com:995 2>/dev/null | openssl x509 -inform pem -noout -text
|Certificate:
| Data:
| Version: 3 (0x2)
| Serial Number:
| 03:04:74:d9:a7:51:7a:9d:33:f4:b4:1c:00:fd:4f:e7
| Signature Algorithm: sha256WithRSAEncryption
| Issuer: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1
| Validity
| Not Before: Dec 12 00:00:00 2016 GMT
| Not After : Dec 12 12:00:00 2017 GMT
| Subject: C=US, ST=WASHINGTON, L=Redmond, O=Microsoft Corporation, CN=outlook.com
| Subject Public Key Info:
| Public Key Algorithm: rsaEncryption
| Public-Key: (2048 bit)
| Modulus:
| 00:c7:eb:fe:5c:ae:a6:90:28:b7:1c:a8:3b:4c:e6:
| 42:2c:ca:4b:0f:b1:fb:23:79:39:1e:7d:06:91:cd:
| 20:bd:c6:f9:94:25:2e:a8:b3:2e:bf:13:9c:68:85:
| 2b:f2:68:e0:51:bb:63:f0:69:fa:4f:d8:44:68:4c:
| 41:8e:6b:88:8a:63:c4:03:0f:c3:68:66:22:e6:c1:
| ba:82:da:ce:6c:53:6e:aa:72:0a:3d:ce:11:95:a1:
| 0e:17:46:ef:ce:15:76:91:7e:c1:ec:e9:04:38:43:
| 71:a4:b6:74:05:46:5c:4d:2e:6a:1d:95:ef:c3:a8:
| 2a:b5:48:50:ca:ab:ea:0f:2e:41:6f:ac:07:6f:d0:
| b4:50:0b:cd:7b:2f:3c:8d:f3:fa:d1:3e:f7:df:08:
| 08:33:ee:97:0a:5d:63:db:27:43:6a:a1:db:67:ab:
| 71:23:41:23:58:b9:33:52:8d:86:b9:7a:13:59:d8:
| ba:9e:1a:e1:74:16:bb:52:d8:f9:62:e3:3a:45:c6:
| 06:8b:c4:ec:74:54:d5:96:c7:95:26:04:0e:88:d8:
| 51:68:42:cb:2c:de:91:c1:2e:ea:d2:da:63:c9:32:
| 89:9f:d6:5d:94:0f:e0:0f:75:8d:0e:3b:45:d2:5c:
| bf:bb:88:36:38:cb:1f:da:bf:84:80:d6:7a:f5:5f:
| 3d:ad
| Exponent: 65537 (0x10001)
| X509v3 extensions:
| X509v3 Authority Key Identifier:
| keyid:DD:51:D0:A2:31:73:A9:73:AE:8F:B4:01:7E:5D:8C:57:CB:9F:F0:F7
|
| X509v3 Subject Key Identifier:
| 83:AF:FF:4C:89:EE:ED:0A:7E:D8:3E:2F:ED:55:F8:9C:9F:85:DF:16
| X509v3 Subject Alternative Name:
| DNS:ccs.login.microsoftonline.com, DNS:ccs-sdf.login.microsoftonline.com, DNS:outlook.com, DNS:*.outlook.com, DNS:office365.com, DNS:*.office365.com, DNS:*.live.com, DNS:*.internal.outlook.com, DNS:*.outlook.office365.com, DNS:outlook.office.com, DNS:attachment.outlook.office.net, DNS:attachment.outlook.officeppe.net, DNS:*.clo.footprintdns.com, DNS:*.office.com
| X509v3 Key Usage: critical
| Digital Signature, Key Encipherment
| X509v3 Extended Key Usage:
| TLS Web Server Authentication, TLS Web Client Authentication
| X509v3 CRL Distribution Points:
|
| Full Name:
| URI:http://crl3.digicert.com/DigiCertCloudServicesCA-1-g1.crl
|
| Full Name:
| URI:http://crl4.digicert.com/DigiCertCloudServicesCA-1-g1.crl
|
| X509v3 Certificate Policies:
| Policy: 2.16.840.1.114412.1.1
| CPS: https://www.digicert.com/CPS
| Policy: 2.23.140.1.2.2
|
| Authority Information Access:
| OCSP - URI:http://ocspx.digicert.com
| CA Issuers - URI:http://cacerts.digicert.com/DigiCertCloudServicesCA-1.crt
|
| X509v3 Basic Constraints: critical
| CA:FALSE
| Signature Algorithm: sha256WithRSAEncryption
| 7f:ac:07:6a:f0:78:0d:1f:a6:f1:c2:49:67:b4:7d:1f:e0:20:
| ae:87:88:3f:5e:6a:5e:98:36:31:e0:57:dc:c2:8f:9e:59:ba:
| 32:38:cd:9c:3d:44:f4:62:d9:2a:4d:1c:75:38:56:03:17:b1:
| 4b:57:71:48:3f:41:a9:ff:02:e5:f9:de:c1:fd:8d:9a:c1:e5:
| cc:ce:78:00:2a:b8:53:d7:fe:42:50:0a:83:55:03:76:9c:44:
| 70:14:38:bc:6f:0a:f0:1a:8e:98:d9:ec:b7:81:7b:6f:20:aa:
| 31:da:f6:51:f5:7c:93:3a:2b:74:cf:90:0c:b0:d1:dd:25:72:
| f2:50:ca:2d:18:c9:c9:4e:25:71:84:a1:0e:67:34:85:a2:db:
| c8:7e:b6:05:95:d7:a9:a2:ce:07:c3:c1:63:88:71:11:bd:1d:
| b7:15:4a:9a:22:73:3e:f7:f0:f3:da:b1:b4:8a:45:9d:b2:45:
| 28:6e:8c:a7:9b:78:93:3f:07:33:68:77:bb:4d:80:37:d2:8e:
| f0:51:cf:b6:41:79:21:1d:e5:03:2f:44:c0:a4:e4:a0:a3:ef:
| 82:20:b0:44:70:e7:a0:a5:a8:83:96:a9:17:05:a4:43:36:74:
| d9:ca:84:21:97:7b:e7:27:fb:95:43:ce:e5:7a:64:e4:5e:b7:
| ae:5f:f4:9d
bvstone
President and owner of BVSTools, Inc. An IBM i (AS/400, iSeries, System i) software and consulting company that has been around since 1995.
Updated on June 04, 2022Comments
-
bvstone almost 2 years
This may sound weird, but I have customers using my software that connects the IBM i (AS/400) to the office REST API using the host:
outlook.office.com
The URI used is: https://outlook.office.com:443/api/v2.0/me/sendmail
I also have some using the office365 smtp server at: smtp.office365.com port 587
I have confirmed that each of these randomly changes which SSL certificate they are presenting. This of course causes problems if they don't have one or the other CAs installed on their systems.
Any idea why this is happening? And how is that possible? Maybe some of the servers on their server farm are out of date or not updated? Seems pretty odd for MS to have an issue like this.
Here are the two certificates from outlook.office.com, both retrieved using SSL just a few minutes ago. I got lucky and was able to get both in two separate but same requests. I have yet to capture the 2nd one from smtp.office.365.com:587 UPDATE: I finally got the 2nd one from smtp.office365.com. I hope there are only 2. I put them below.
First cert:
-----BEGIN CERTIFICATE----- MIII6jCCB9KgAwIBAgIMClNGf9As464mLGTiMA0GCSqGSIb3DQEBCwUAMGIxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTgwNgYDVQQDEy9H bG9iYWxTaWduIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBTSEEyNTYgLSBHMzAe Fw0xNjEyMDYwMjM2MDNaFw0xODEyMDcwMjM2MDNaMIHyMR0wGwYDVQQPDBRQcml2 YXRlIE9yZ2FuaXphdGlvbjESMBAGA1UEBRMJNjAwNDEzNDg1MRMwEQYLKwYBBAGC NzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCldhc2hpbmd0b24xCzAJBgNVBAYT AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMRowGAYD VQQJExFPbmUgTWljcm9zb2Z0IFdheTEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv cmF0aW9uMRswGQYDVQQDExJvdXRsb29rLm9mZmljZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDVnsYR6WcdxylEo0L1UEVqeeYS2xq5nN+3Sv4O n2/wuK4VJQoFFWEc2VFGFJM2SM33VY1If81eniLPwMtKXnqXnWsvNQuXcAQ8stGS 5z/kopuEMTIOnkO38GwSqh8IqjrZ62zcJamXQjYDTlLZ4WzffqzytvPqBJGyLv5t riFrrUMi4ecnWwQZ5CWjbfLWl2VWU6UD29xHEOrkvmy7f95b/SNOQdEzkUdwki+1 41jOAIdFY1tEjpypqQaG7X00V/ho6Sf1rQ7awVncvPWAirkMpbLMF5zbDlJ8mypi dAN4bkj0lbRS/Dtc8virI6Xz5bmhLmiU6mUJb66ANkORKhcfAgMBAAGjggUNMIIF CTAOBgNVHQ8BAf8EBAMCBaAwgZYGCCsGAQUFBwEBBIGJMIGGMEcGCCsGAQUFBzAC hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2V4dGVuZHZh bHNoYTJnM3IzLmNydDA7BggrBgEFBQcwAYYvaHR0cDovL29jc3AyLmdsb2JhbHNp Z24uY29tL2dzZXh0ZW5kdmFsc2hhMmczcjMwVQYDVR0gBE4wTDBBBgkrBgEEAaAy AQEwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVw b3NpdG9yeS8wBwYFZ4EMAQEwCQYDVR0TBAIwADBFBgNVHR8EPjA8MDqgOKA2hjRo dHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzZXh0ZW5kdmFsc2hhMmczcjMu Y3JsMIIBWwYDVR0RBIIBUjCCAU6CEm91dGxvb2sub2ZmaWNlLmNvbYIdYXR0YWNo bWVudC5vdXRsb29rLm9mZmljZS5uZXSCIGF0dGFjaG1lbnQub3V0bG9vay5vZmZp Y2VwcGUubmV0ghNib29raW5ncy5vZmZpY2UuY29tghBkZWx2ZS5vZmZpY2UuY29t ghplZGdlLm91dGxvb2sub2ZmaWNlMzY1LmNvbYITZWRnZXNkZi5vdXRsb29rLmNv bYIUaW1nLmRlbHZlLm9mZmljZS5jb22CEG91dGxvb2subGl2ZS5jb22CFG91dGxv b2stc2RmLmxpdmUuY29tghZvdXRsb29rLXNkZi5vZmZpY2UuY29tghlzZGZlZGdl LXBpbG90Lm91dGxvb2suY29tghRzdWJzdHJhdGUub2ZmaWNlLmNvbYIYc3Vic3Ry YXRlLXNkZi5vZmZpY2UuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAdBgNVHQ4EFgQUibOk+gAchhr2nt4S9i98CEWHn1wwHwYDVR0jBBgwFoAU3bPn bagu6MVObs905nU8lBXO6B0wggH1BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AFYU Bpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABWNH89NwAAAQDAEcwRQIg c2xmavLASvF01Rk/m65LSciIcOY6J+KACjNMdtdy5T8CIQDH00c7toH1hlf/O2Ch Mpkqc8R8+148zM3eHnxbJDVuvgB1AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0R xM227L7MAAABWNH89RMAAAQDAEYwRAIgMoYZN4aCL+WrxJytfbkq4RmUz6+XRkip uwtazqq2oeUCIEOMlpxrlFFOqW4Z82dklwAsUUicxawPknzF8GVUYY2nAHcApLkJ kLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFY0fz1ZQAABAMASDBGAiEA qKur7IwFsXDe05VcuCCY6zpz9bZ97sYOKpKMlqVI+nwCIQCsotCnRYQGDGFb6Vv8 ZLt0vPW0jwZKR53AR0Ad4jHIPwB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDE e4l6qP3LAAABWNH8+FUAAAQDAEYwRAIgGUg1g86hjhR9AnAnB6E74NGEZFj6/ysU SEPxzYN+/90CIEFt0FtFNkkyvH5aXtmNQDmL5uNv3oNBSxqFJxDvCgB6MA0GCSqG SIb3DQEBCwUAA4IBAQCVGd5jEsBFjzgklgp5r8LW/BupR/4OBuSlqO8gDSxnYLv5 wwlDtACDlJfAXnk+RDZyWs8i55Jgr37TfWE/qjcY7O4jVAA+3B6tmvHrB2w6/jgW z8Wt4CcAyFQ1gq7r/3AqlwZ3tnX144m6j7XdM1UAlaJo+By0NnEHvYW9Ea2k/PcL v371xR8a8/vPQUKmTCe6WgRIqANgjpbQ7OVXPyeLMaZR49HMwuM1la7Dip4PoGa2 yvhni02zjNHja5wz8H/d00RTrgtWjUAkeHUBpSmxY7/NAYO6d/6pRLKPejpi0iCM fmRXlAfkJppOV2KntKizbSH22aib75Ca9uN3L+5K -----END CERTIFICATE-----
Second cert:
-----BEGIN CERTIFICATE----- MIIJYDCCCEigAwIBAgIMT+yR4vShGFqnC1XXMA0GCSqGSIb3DQEBCwUAMGIxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTgwNgYDVQQDEy9H bG9iYWxTaWduIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBTSEEyNTYgLSBHMjAe Fw0xNjEwMjgyMzA2MDRaFw0xODEwMjkyMzA2MDRaMIHyMR0wGwYDVQQPDBRQcml2 YXRlIE9yZ2FuaXphdGlvbjESMBAGA1UEBRMJNjAwNDEzNDg1MRMwEQYLKwYBBAGC NzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCldhc2hpbmd0b24xCzAJBgNVBAYT AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMRowGAYD VQQJExFPbmUgTWljcm9zb2Z0IFdheTEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv cmF0aW9uMRswGQYDVQQDExJvdXRsb29rLm9mZmljZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDBfPHSq3y7bJcHHF9uruj49I10JlRmvv7tJ39O P6F2SWf6fLGNpZ1lRNArUq7f1gIZe6l7wSDILXTpiurTTw1tbxQAYvRM217b3wyg U+56O+ra5L7wQP3ZmwC79sEgQ5H0kt31tNj1HVIhoabbYAPW+fiZlHQKx/2bhbs1 DnBAFDiPlvfq7VbHNgXguUHJNw6oUsWBEL4w3JEBfOmVInXYPPO4VOzpR0eQyvCi ku3/KF0e9Ki8sZ4AVakvtTkdrxzzRycLiNBVl8NdoZSN4VH2me8Z6e34lY4TvWQ5 buSCaXkNVer2F2C4ajkrgDamA9uD106FGKBV6FHQb01L1FGzAgMBAAGjggWDMIIF fzAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAC hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2V4dGVuZHZh bHNoYTJnMnIyLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNp Z24uY29tL2dzZXh0ZW5kdmFsc2hhMmcyMFUGA1UdIAROMEwwQQYJKwYBBAGgMgEB MDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9z aXRvcnkvMAcGBWeBDAEBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0 cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2V4dGVuZHZhbHNoYTJnMi5jcmww ggFbBgNVHREEggFSMIIBToISb3V0bG9vay5vZmZpY2UuY29tgh1hdHRhY2htZW50 Lm91dGxvb2sub2ZmaWNlLm5ldIIgYXR0YWNobWVudC5vdXRsb29rLm9mZmljZXBw ZS5uZXSCE2Jvb2tpbmdzLm9mZmljZS5jb22CEGRlbHZlLm9mZmljZS5jb22CGmVk Z2Uub3V0bG9vay5vZmZpY2UzNjUuY29tghNlZGdlc2RmLm91dGxvb2suY29tghRp bWcuZGVsdmUub2ZmaWNlLmNvbYIQb3V0bG9vay5saXZlLmNvbYIUb3V0bG9vay1z ZGYubGl2ZS5jb22CFm91dGxvb2stc2RmLm9mZmljZS5jb22CGXNkZmVkZ2UtcGls b3Qub3V0bG9vay5jb22CFHN1YnN0cmF0ZS5vZmZpY2UuY29tghhzdWJzdHJhdGUt c2RmLm9mZmljZS5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G A1UdDgQWBBQcjai1D1kq/Kpr0etENcaIlyZyDjAfBgNVHSMEGDAWgBTaQHdDZRz4 /qfj9GSCPk1DEyIxAjCCAm8GCisGAQQB1nkCBAIEggJfBIICWwJZAHYA3esdK3oN T6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFYDYsKUAAABAMARzBFAiA0dpz9 /USCUwZYcVs/5cg2XtaM1sHT4abxspmWJYwQGAIhAN1UMBQq5dUckVIiXPDg2r3d DJ+4ymN9McMwqnXbRN7AAHYAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ 0N0AAAFYDYsNDAAABAMARzBFAiEA1K8NwMXm69ZOoKC+ZgABJBRwIPxiru/lnD7R LNGLblACIFcymoibokPDmtRuzUwG0SZlBxOWqErc7E3b7WxOAlkcAHcApLkJkLQY WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFYDYsNPwAABAMASDBGAiEA+8Va RaGmQOzcNxJyaeJi7XZlMPbQDn5Hb0zJM76xYRkCIQDefPooWs96Ycr6yItrYvjk E1SHjaM1euhsby8uv5JT5gB2AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtP T/vEAAABWA2LDVYAAAQDAEcwRQIgX+AY+jEcDLphce0NjiCR4jpi5qzwf1XvXV8b /wP2OzUCIQCL/Eu8vxu2+loN2l8C4ydaiLC6J/hCTgLRFnv8MH823QB2AO5Lvbd1 zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABWA2LEDkAAAQDAEcwRQIhAO05 9svhj0nRNzwswJ/9UEUNUqNXYhCJojGFh7h4JKeUAiAiULtvav/AoAa6pnDM3wby oNRvaBVRcRwojzIISMPUxDANBgkqhkiG9w0BAQsFAAOCAQEANVCHwL2PYMbJdZ+U IM3gK5qj725uM8n6VjP9dnNBnPte898HZ1X83KZAPVQV5hhlqy8AwPfSHaBqaK7c QDZkfy7WuLvdkOWWNssUNQLq+RvZi7XqOVzZ6Wx+DppNFNVweppkWBg3/JIPSjWk lQp09PeKeq5GqBDw7A3BldV8Z3qu6kaoMl6EcZiP4jS0TKaHnYgbtSqZld1Karxq Js5O52Zehxsj0kputYoo/E2RcWtv3lVqptWc19RHU9127Iq7CLPZSLY1qyzK2mxa fKOdDzH9/S7aiMCAfCbPDokxjK138D4qbAAfIvo6bpKX9vZy2XGFHHGRizRUA4sY ctSOUA== -----END CERTIFICATE-----
First cert:
-----BEGIN CERTIFICATE----- MIIH3DCCBcSgAwIBAgITWgACDkKJ54xpWEiewQABAAIOQjANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgU1NMIFNIQTIw HhcNMTUxMDEzMjIyMDA0WhcNMTcxMDEyMjIyMDA0WjCBgjELMAkGA1UEBhMCVVMx CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv ZnQgQ29ycG9yYXRpb24xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEU MBIGA1UEAxMLb3V0bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDk/8ftuN2cH6i5FxI/CsvuILSy8G2eOknbQS32Fm55uosydk7oAlikv4g8 B9roHka5Sv7qBtaf9pDFdR4Yx3LgqSZl/ulYdpTlVFSbaYehQxx6CZzXmhSwk9ce B6SxmqHP6XeTj/J/rbAEvEoQN62o/kIU9huX0aPx74NthU2HV89YtHuTJ1c5uPf9 vsN7tATRcgKYgPQW9EvK29Yj9Z8boEKam0gmm1Wi8RGRfKdtYjV9vKTBaNLxv4W1 vkV8eG4lhqspa9EejUwu+TsPb1k+W8dHAy3Sq/yfJVmIGAv7hr91hWdQAqpFoER3 eNmZ/h2fUcXmQXeyxryNsB+Lm3jnAgMBAAGjggM+MIIDOjALBgNVHQ8EBAMCBLAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHgGCSqGSIb3DQEJDwRrMGkw DgYIKoZIhvcNAwICAgCAMA4GCCqGSIb3DQMEAgIAgDALBglghkgBZQMEASowCwYJ YIZIAWUDBAEtMAsGCWCGSAFlAwQBAjALBglghkgBZQMEAQUwBwYFKw4DAgcwCgYI KoZIhvcNAwcwHQYDVR0OBBYEFJ2wmBwkWtSd7VFTxNf2urGNe5APMB8GA1UdIwQY MBaAFFGvJCac9GgiV4AmKztGYhV7HsylMH0GA1UdHwR2MHQwcqBwoG6GNmh0dHA6 Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaXR3d3cyLmNy bIY0aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaXR3 d3cyLmNybDBwBggrBgEFBQcBAQRkMGIwPAYIKwYBBQUHMAKGMGh0dHA6Ly93d3cu bWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL21zaXR3d3cyLmNydDAiBggrBgEFBQcw AYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTBOBgNVHSAERzBFMEMGCSsGAQQBgjcq ATA2MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21z Y29ycC9jcHMAMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUH AwIwgecGA1UdEQSB3zCB3IILb3V0bG9vay5jb22CDSoub3V0bG9vay5jb22CDW9m ZmljZTM2NS5jb22CDyoub2ZmaWNlMzY1LmNvbYIKKi5saXZlLmNvbYIWKi5pbnRl cm5hbC5vdXRsb29rLmNvbYIXKi5vdXRsb29rLm9mZmljZTM2NS5jb22CEm91dGxv b2sub2ZmaWNlLmNvbYIdYXR0YWNobWVudC5vdXRsb29rLm9mZmljZS5uZXSCIGF0 dGFjaG1lbnQub3V0bG9vay5vZmZpY2VwcGUubmV0ggwqLm9mZmljZS5jb20wDQYJ KoZIhvcNAQELBQADggIBAA1MnIS+r3GyiJjg2+Zsx7q94z48ovRQJqIG6/c7UUzK 6tEFkIepADfLszI+y4dYG7GP1j9e6K2a1StF2/tEjF21IA6NS/ITiOFXoStLQZ4T I1Sb3IIQoOeWchtYf2KIQXYvQJutWuzp1gcRUH3xuHxKr+TFlIicWqQccnBYzUqV dm92IhlHqdjT4kKIYjPDXEy+GMeh9+h2CVAgitsuZHfVL9V8ik3trkh6prGotca/ JZ06cKr7CWL/Yz0zNKkjvvTF/pJ6m4UvkuhSJoaZYU4Rj3jjWqj1IrP6pDsc99Yd 5HkUSkUq4xN8yhDuMDEKUQ/IjRTx1znWLzTELwZeRvDk2t4xXFJIsGxm8j1aL7+O xXxrpM7hD71omQaxNa+4nYUuBDePp/1Ac/z7S2EPgRC/GMJ/UNcKfD/Hat8o1AP7 YT7RYF7GSqSxcEGKVhck5YAaQsbjjNdrx8N3Wo0qvu/BvJRGU79SvWgJAEfpbQFj qF3x1NR+mlEriTuujqAehX8QYdTwKNLMJSF5ZickGNCi+klBAd1kmvTdY3wf3KYL BQfUVkga1eLoqmWrPLFYhz8QFLF/GNiLkARIguAMZV77vc0Hl9UhN2wyEnBrfjmO dZKD/3bIMhW1l49oCkxhFki3ED9xNPD0xEBPW72bx0HyYp7Ch/1s3XZR/IfFaKDB -----END CERTIFICATE-----
Second Cert:
-----BEGIN CERTIFICATE----- MIIGKDCCBRCgAwIBAgIQDzMzs7xGVulbI0qZMRNoezANBgkqhkiG9w0BAQsFADBL MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSUwIwYDVQQDExxE aWdpQ2VydCBDbG91ZCBTZXJ2aWNlcyBDQS0xMB4XDTE2MTExNzAwMDAwMFoXDTE3 MTExNzEyMDAwMFowajELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldBU0hJTkdUT04x EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv bjEUMBIGA1UEAxMLb3V0bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCqIm5jtfxTLIQuJcxlTTUqJLar2qlYWXlmJyJFmErwtFyWgDgkpWqK C4Hnk9bpoLdYvwQ7typORxXd2r8X6eDx8yoevxaWfo6NF9njWerNonCihVy87w8u WoN3/BGZCJMp/0QuFyVe1MJuOj3R3quyozLvDwtJD92gUs5HJtngMkwJ2pxIkqbT sSMBbcEKczHY5FRejLEnYqKx4u65GE3zwUUffyuwL7bShOPCfARp57Mjvr07Bmng wLiYdKs74j/XBcwe30WxaSs4dUVhaG9LfTuqW/vOJXjZPW/n0axuRvA8nMr/5rKt awWIdQ9/7K9Fwa+Urq6L/I2xMachB32fAgMBAAGjggLnMIIC4zAfBgNVHSMEGDAW gBTdUdCiMXOpc66PtAF+XYxXy5/w9zAdBgNVHQ4EFgQUJsShNYS5psfb493ebQTy BMZV25YwggEGBgNVHREEgf4wgfuCHWNjcy5sb2dpbi5taWNyb3NvZnRvbmxpbmUu Y29tggtvdXRsb29rLmNvbYINKi5vdXRsb29rLmNvbYINb2ZmaWNlMzY1LmNvbYIP Ki5vZmZpY2UzNjUuY29tggoqLmxpdmUuY29tghYqLmludGVybmFsLm91dGxvb2su Y29tghcqLm91dGxvb2sub2ZmaWNlMzY1LmNvbYISb3V0bG9vay5vZmZpY2UuY29t gh1hdHRhY2htZW50Lm91dGxvb2sub2ZmaWNlLm5ldIIgYXR0YWNobWVudC5vdXRs b29rLm9mZmljZXBwZS5uZXSCDCoub2ZmaWNlLmNvbTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGNBgNVHR8EgYUwgYIwP6A9 oDuGOWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydENsb3VkU2Vydmlj ZXNDQS0xLWcxLmNybDA/oD2gO4Y5aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Rp Z2lDZXJ0Q2xvdWRTZXJ2aWNlc0NBLTEtZzEuY3JsMEwGA1UdIARFMEMwNwYJYIZI AYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D UFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAlBggrBgEFBQcwAYYZaHR0cDov L29jc3B4LmRpZ2ljZXJ0LmNvbTBFBggrBgEFBQcwAoY5aHR0cDovL2NhY2VydHMu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0Q2xvdWRTZXJ2aWNlc0NBLTEuY3J0MAwGA1Ud EwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAEdYMggwa+BCKgVrlnVjubpBNhEl r7kD001Bg1qdtt8lmX7hW/AUHsNZV6CkJqdMIQxwDzQdBvHCVTennu9YYKFMFoz8 wmwvbk2vnQn5KeX7WEUVuUbU9YJ+4A6ixh8In5mLpjWZBT201m3APPD8IWmRd3CM 0fJEzyoEu64XQqoH0TRo2Og2NVWJd7LhnCwpgIUhYH8VKFNjoQtoNxDrKy7db0BC +3js2TXoK9mqVYkGrGtx/rTWoyBS5bWsaqVktU6YHMg+EiLVK7oH0etx6N4N3XKI s1Lv+eMHXGTj7UlG9gKzOHlNQKsNNOZ0eJhEoHFaAWXpKbXZT2lrG1m/hjc= -----END CERTIFICATE-----
I also hate to say it, but it's sad when paying customers are asking for help, even through an ISV like me and get ZERO response. Yes, I did post this here, at the social.msdn site and an Office 365 developers site. One customer even called support and was told "sorry, we can't help you."
Real tight ship there, MS. Real tight ship. Can't wait for this to happen when they renew certificates again in a year.