Vision
Products
- OLFEO SSE
  SWG
  Web security made easy
  DNS
  Security through DNS filtering
  CASB
  The Cloud Access Security Broker for securing the use of SaaS applications
  Log Connector
  Integrate Olfeo with your SIEM or XDR solutions
- OLFEO ON-PREMISE
  Secure Web Gateway
  The highest level of web security within your IT perimeter
  DNS Filtering
  Olfeo web security for unmanaged devices and workstations
- OLFEO AWARENESS
  Awareness
  The e-learning solution to raise your employees' awareness of cyber risks
- OLFEO DATABASE
  URL
  Olfeo's white label URL database
  SaaS Application
  Olfeo's white-label SaaS application database
Solutions
- BY BUSINESS SECTOR
  Local authorities
  Town halls, intermunicipal authorities, communities of municipalities
  Health
  Hospitals, clinics, university centers
  Education
  Elementary schools, middle schools, high schools, universities
  OIV, EE, and EI
  Operators of Vital Importance, Essential Entities, and Important Entities
- BY USE CASE
  Web filtering in the workplace: protection, productivity, and compliance
  Everything you need to know about Secure Web Gateway
  Understanding Security Service Edge (SSE)
  Never without my Proxy: the love story of Firewalls and Proxies in business
  What is URL filtering?
  Shadow IT: the hidden side of your internal infrastructure
  Understanding Zero Trust Network Access (ZTNA)
Resources
- RESOURCES
  White papers
  Olfeo expertise for everyone.
  Videos
  Check out the videos and tutorials
- BLOG
  News
  News, tutorials, and opinions
  Podcasts
  Listen to cyber news and issues by Olfeo
- TESTIMONIALS
  Val d'Oise Department Poitiers University Hospital Roederer Champagnes Carcassonne Town Hall Greater Cognac Area
- GLOSSARY
  We break down cyber terms for you
Partners
- PARTNERS
- Become a partner
  Find out how to join the Olfeo partner network
- Technology alliances
  Find Olfeo's partners and technology integrations
Support
- Support
  Your access to Olfeo teams
- Technical documentation
  See all our documentation and release notes for our products
- Knowledge base
  Discover our technical articles and Olfeo knowledge bases
- Classification request
  Contact Olfeo to add an unknown URL to the filter database.

Ekinops Contact us

▶ BLOG

KB No. 2799: CERTIFICATE ERROR FOR ENTITLEMENT.DIAGNOSTICS.OFFICE.COM (WITH OUTLOOK)

KB OLFEO On-Premise

November 15, 2023

Outlook displays a certificate error for entitlement.diagnostics.office.com

Background

Outlook displays a "Security Alert" related to the certificate for entitlement.diagnostics.office.com, indicating that the certificate is issued by olfeo.com.

Procedure

The certificate for the Nginx web server installed on the Olfeo server is displayed because Microsoft's DNS record for entitlement.diagnostics.office.com contains the IP address 0.0.0.0.

root@machine:/# host entitlement.diagnostics.office.com
entitlement.diagnostics.office.com is an alias for ods-entitlement.trafficmanager.net.
ods-entitlement.trafficmanager.net is an alias for ods-entitlement-weur-web.cloudapp.net.
ods-entitlement-weur-web.cloudapp.net has address0.0.0.0

The resolution to 0.0.0.0 causes the proxy to query Nginx, which is listening locally, hence the incorrect certificate. We recommend bypassing the proxy for entitlement.diagnostics.office.com because the expected response will not be received due to the resolution (0.0.0.0). This is likely a request that the workstation must execute locally.