How to Fix Outlook Error: The Server You Are Connected To Is Using a Security Certificate That Cannot Be Verified

After installing Bitdefender on Windows, some users may see the following pop-up message when opening Outlook or sending and receiving email:

The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect.

In most cases, this certificate warning is caused by either:

An incorrect email server address configured in Outlook
An expired or mismatched SSL certificate on the mail server

This guide explains what the error means, why it may appear after installing Bitdefender, and how to safely resolve it.

Why This Certificate Error Appears in Outlook

Microsoft Outlook uses encrypted SSL/TLS connections to communicate securely with email servers. During that process, the mail server presents a digital certificate that confirms its identity.

Outlook checks the certificate to ensure:

The certificate is trusted
The certificate has not expired
The server name matches the certificate name exactly

If Outlook expects one server name but receives a certificate for another, it displays the warning: The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect.

How Bitdefender Can Trigger the Certificate Warning

Bitdefender includes security features that scan encrypted web and email traffic to detect malware, phishing attacks, and malicious attachments.

To inspect encrypted traffic, Bitdefender temporarily acts as a secure intermediary between Outlook and the email server.

Normally this process works silently in the background. However, if the email server certificate is already misconfigured, expired, or mismatched, Bitdefender’s inspection can cause Outlook to display more noticeable certificate validation warnings. In other words, Bitdefender is often exposing an existing certificate issue rather than creating a completely new one.

Should You Ignore the Warning?

Users sometimes click Yes to bypass the warning temporarily and continue using Outlook. Although the connection may still work, certificate warnings should not be ignored permanently.

These warnings are designed to protect against:

Fraudulent servers
Man-in-the-middle attacks
Misconfigured certificates
Expired security certificates

If the warning appears repeatedly, the root cause should be identified and corrected.

Troubleshooting the Issue

The troubleshooting process involves checking the Outlook server settings for incorrect characters and verifying whether the mail server certificate is valid.

Step 1: Check Outlook Email Server Settings for Extra Dots or Incorrect Characters

One of the most common causes of this Outlook certificate warning is a typo in the incoming or outgoing mail server settings, especially an extra period (“dot”) at the end of the server address. Because SSL certificates require an exact match, Outlook treats these as completely different server names.

How to Check the Server Settings in Outlook

The exact menu names may vary slightly depending on the Outlook version, but the process is generally the same.

Open Microsoft Outlook on your computer.
Click File in the upper-left corner.
Next, select Account Settings, then choose Account Settings again from the dropdown menu.
In the Email tab, select your email account from the list.
Click Change.
You will now see the server configuration information. Carefully check for extra periods or dots, spaces, misspellings, incorrect domain names or additional characters in:
- Incoming mail server (IMAP or POP)
- Outgoing mail server (SMTP)

For example:

Incorrect:

pop3.comcast.net.

Correct:

pop3.comcast.net

After correcting any issues:

Click Next, then click Done to save the settings.
Restart Outlook and test the connection again.

If the warning disappears, the issue was caused by a server name mismatch.

Step 2: Verify Whether the SSL Certificate Is Expired

If the Outlook server settings appear correct, the next step is to check the mail server’s SSL certificate. An expired or improperly configured certificate can also trigger the error: The server you are connected to is using a security certificate that cannot be verified.

How to Check the Certificate

Visit the SSL Checker website: https://www.sslshopper.com/ssl-checker.html
Enter the mail server name from Outlook in the Server Hostname field. Example: pop3.[your_domain].com
Then click the Check SSL button.
The tool will verify certificate expiration dates, certificate name mismatches, trust chain problems, and SSL configuration issues.

What to Do Based on the SSL Checker Results

Based on the SSL checker results, do one of the following:

If the Certificate Is Expired or Invalid

Contact your mail server administrator or hosting provider to renew or replace the certificate and correct any SSL/TLS configuration problems.
As a temporary workaround, you can add the affected mail server domains to Bitdefender’s Online Threat Prevention exceptions list. This prevents Bitdefender from scanning encrypted traffic for those specific servers. Follow the appropriate guide below:

- How to Add an Online Threat Prevention Exception in Bitdefender Total Security, Internet Security or Antivirus Plus
- How to Add an Online Threat Prevention Exception in Bitdefender App (Hub)

If the Certificate Is Valid and Trusted

Contact the Bitdefender Support team for further assistance.