Certificate Lapse Causes Browser Warnings
A key domain used by IT administrators to test network connectivity to Microsoft 365 began displaying security warnings on Monday after its TLS certificate expired. The domain connectivity.office.com now shows a NET::ERR_CERT_DATE_INVALID error in Chromium-based browsers, indicating the certificate could not be validated. The certificate, issued by Microsoft Azure RSA TLS Issuing CA 07, expired on June 14, 2026, at 08:38:02 UTC, after a six month validity period that began in December 2025.
Impact on Enterprise IT Workflows
The connectivity.office.com domain is specifically designed for enterprise network engineers to diagnose Microsoft 365 connectivity issues, such as verifying that firewalls or proxies are not blocking traffic to Microsoft servers. With the certificate expired, browsers flag the site as untrusted, and any automated scripts or tools relying on HTTPS connections to this endpoint may fail or throw certificate validation errors. Organizations that use this endpoint in network health checks or onboarding verification scripts are directly affected, breaking diagnostic workflows.
The incident is notable given Microsoft’s concurrent push urging enterprise customers to renew aging 2011 era Secure Boot certificates ahead of their own June to October 2026 expiry schedule. Certificate lifecycle management failures are among the most preventable security misconfigurations, and automated renewal systems exist to prevent such lapses. Microsoft has not yet issued a public statement regarding the expired certificate as of the time of writing.
Source: Cyber Security News
