https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/347270#M86615 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/43480">@BPry</a>thank you for your information. I just wonder if disabling ssl-decryption for O365 traffic could be a risky since malware/trojan/virus... should be sent via the email. It seems there is no way to properly decryption O365 traffic. I will disable ssl-decryption for O365's URLs to make it work.</P> Mon, 07 Sep 2020 14:26:22 GMT tienngo 2020-09-07T14:26:22Z https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/346014#M86439 <P>Hello there,</P><P>&nbsp;</P><P>Here I have deployed a set of secure rules for Office365 follow the official Paloalto guide. Now we encounter problem with office365 when ssl-decryption is enabled. Some users cannot activate office365, please refer the error as below.&nbsp;</P><P>&nbsp;</P><P>So is it safe if we make a not-decrypt policy for O365's URL using Minemeld?</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="BKQT6uZ" style="width: 778px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/27554iE300D7D0ECCD1146/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="BKQT6uZ" alt="BKQT6uZ" /></span></P><P>&nbsp;</P><P>Thank you for any advice!</P> Mon, 31 Aug 2020 05:20:50 GMT https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/346014#M86439 tienngo 2020-08-31T05:20:50Z https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/346146#M86458 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/134148">@tienngo</a>,</P> <P>You can't decrypt a lot of Microsoft FQDNs, and you absolutely can't decrypt windows update traffic reliably. The Office365 error is probably more to do with the fact that you can't decrypt Microsoft logins, as it breaks the login process for Office365.&nbsp;</P> Tue, 01 Sep 2020 00:18:13 GMT https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/346146#M86458 BPry 2020-09-01T00:18:13Z https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/347270#M86615 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/43480">@BPry</a>thank you for your information. I just wonder if disabling ssl-decryption for O365 traffic could be a risky since malware/trojan/virus... should be sent via the email. It seems there is no way to properly decryption O365 traffic. I will disable ssl-decryption for O365's URLs to make it work.</P> Mon, 07 Sep 2020 14:26:22 GMT https://live.paloaltonetworks.com/t5/general-topics/microsoft-update-and-activation-problem-with-ssl-decryption/m-p/347270#M86615 tienngo 2020-09-07T14:26:22Z