Microsoft 365 Exchange Error Code 5.7.325 – certificate-host-mismatch: Remote certificate MUST have a common name or subject alternative name matching the hostname (DANE)

In this post, let’s have a look at the error message “5.7.325 – certificate-host-mismatch: Remote certificate MUST have a common name or subject alternative name matching the hostname (DANE)” that you get when working with Microsoft 365 Exchange Online.

These are the errors that you usually receive when there is a problem in delivering the email message that was sent by you. These errors are generated and sent by Office 365. This is usually alled as DSN which stands for delivery status notification or in simple words bounce messages.

NDR or Non-delivery report is one of the common type of message that you receive which indicates to the user that the email was not delivered.

Error Message

5.7.325 – certificate-host-mismatch: Remote certificate MUST have a common name or subject alternative name matching the hostname (DANE)

Error Details

This happens when the presented certificate identities (CN and SAN) of a destination SMTP target host don’t match any of the domains or MX host.

This message usually indicates an issue on the destination email server. Check the validity of recipient address and determine if the destination server is configured correctly to receive messages. For more information, see How SMTP DNS-based Authentication of Named Entities (DANE) works to secure email communications.