Office 365 Outlook autodiscover returns an encrypted connection to your mail server is not available running cpanel website

Office 365 Outlook autodiscover returns an encrypted connection to your mail server is not available running cpanel website

Even if you add the autodiscover.domainname.com CNAME autodiscover.outlook.com entry to your dns, when you go to add your office 365 mailbox to outlook, it takes a long time to respond and finally returns

An encrypted connection to your mail server IS not available.
Click Next to attempt using an unencrypted connection.

When Outlook tries to contact the Autodiscover service on the Exchange server with the Client Access Server (CAS) role, it can use several different methods to reach the service, depending on the client-server topology. The currently implemented methods used by Outlook are:

  1. SCP lookup
  2. HTTPS root domain query
  3. HTTPS Autodiscover domain query
  4. Local XML file
  5. HTTP redirect method
  6. SRV record query
  7. Cached URL in the Outlook profile (new for Outlook 2010 version 14.0.7140.5001 and later versions)
  8. Direct Connect to Office 365 (new for Outlook 2016 version 16.0.6741.2017 and later versions)

If you are running a cpanel hosted website with email routing set to local, your outlook is going to the HTTPS root domain query method first and cpanel responds with the incorrect settings, so outlook can’t configure the account.

https://social.technet.microsoft.com/Forums/lync/en-US/4099e289-55bf-476b-a9c4-ee1377046df7/cpanel-autodiscover-conflict-with-exchange?forum=exchangesvrgeneral

If you cannot change the cpanel email routing setting to remote due to the server still needing to receive emails during a transition to office 365, review the Autodiscover-related registry data you may have on your Outlook client, and ensure the data is configured correctly. Also, if you are unsure if the registry data is needed, consider changing the data for any of these registry values and then test Outlook to see if you experience a difference in Autodiscover.

Copy the below to a .reg file and import:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover]
“ExcludeHttpsRootDomain”=dword:00000001
“ExcludeScpLookup”=dword:00000001
“ExcludeHttpsAutoDiscoverDomain”=dword:00000001
“ExcludeHttpRedirect”=dword:00000000
“ExcludeSrvRecord”=dword:00000001

Or open regedit and go to:

Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover

Add new DWORD entries

ExcludeScpLookup=1 (don’t use SCP lookup for autodiscovery)

ExcludeHttpsRootDomain=1

ExcludeHttpsAutoDiscoverDomain= 1

ExcludeSrvRecord=1

This should get outlook to bypass going to the cpanel server, and instead use the ExcludeHttpRedirect method, which uses the autodiscover DNS redirection to autodiscover.outlook.com

https://docs.microsoft.com/en-GB/outlook/troubleshoot/profiles-and-accounts/unexpected-autodiscover-behavior

You could also setup a local autodiscover.XML file to provide the correct information – see https://www.howto-outlook.com/howto/autodiscoverconfiguration.htm for instructions.

Try steps here for further troubleshooting https://docs.microsoft.com/en-us/exchange/troubleshoot/outlook-issues/cannot-set-up-profile-autodiscover

More information on the records here https://techgenix.com/using-autodiscover-large-numbers-accepted-domains-part1/