This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 15%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDH%3C/text%3E%3C/svg%3E)
Hi,
I regularly receive error 1008
Exception encountered while fetching mitigations : System.Exception: This XML is not deemed safe to consume since Response xml's signing cert is invalid or not from microsoft
The issue started June 9.
Any suggestions?
King regards,
Dmitry
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 0%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Do events appear on a single server or multiple?
Br,
Svetozar
HI, see my answer here:
https://learn.microsoft.com/en-us/answers/questions/887192/exchange-emergency-mitigation-xml-file-contains-ex.html?childToView=887224#answer-887224
Ok, got confirmation this is being worked on and will be fixed.
Also see. Other certs were forgotten as well :)
https://www.theregister.com/2022/06/10/microsoft_insider_certificate/
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 6%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Hello @Dmitry Horushin
Welcome to Microsoft Q&A Platform,
Please refer to the thread below as it's related to the same scenario:
I hope this helps!
----------
Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Yes, Event 1008 with the same source will be logged for any errors that are encountered, such as when the EM service cannot reach the OCS(Office Config Service).
Ensure that your Exchange servers can communicate with the Internet to validate the certificate chain.
simulate the behaviour of the EEMS by getting the test page with a browser (https://officeclient.microsoft.com/getexchangemitigations). For those of you not being familiar - look at the schema links in the XML document as well as the certificate of the URL and check all the certificate chaining, revocation lists URLs and so on.
For the IPs compare the blocked IPs with the following networks and allow them:
https://www.microsoft.com/en-us/download/details.aspx?id=53602
https://www.gstatic.com/ipranges/goog.json
https://github.com/SecOps-Institute/Akamai-ASN-and-IPs-List/blob/master/akamai_ip_cidr_blocks.lst
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 14.000000000000002%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
The X509 certificate has expired. Look here: https://techcommunity.microsoft.com/t5/exchange-team-blog/addressing-your-feedback-on-the-exchange-emergency-mitigation/bc-p/3498825#M33257
Same issue started here around the same date.
Hi,
Thank you for your answers and questions.
1) Error 1008 appears every hour on all Exchange servers.
2) There is no problems to connect to https://officeclient.microsoft.com/getexchangemitigations
Browsers on all servers return the same answer. I think that it's something wrong with the signature as it's described on the reference of @nak
Best regards,
Dmitry
Hi, Andy.
Thank you for providing details.
Now the issue is resolved.
Have a nice day!
Dmitry