I encountered a customer case that was originally escalated as an Exchange server issue impacting multiple users.

After a brief inspection I found that the Exchange server itself appeared healthy, and began working with one of the end users to troubleshoot some more.

When this person launched Outlook they were receiving an SSL error message:

Outlook Error: The Application Experienced an Internal Error Loading the SSL Libraries
Outlook SSL internal error

The application experienced an internal error loading the SSL libraries.

Clicking View Certificate showed the following information:

Outlook Error: The Application Experienced an Internal Error Loading the SSL Libraries
Outlook system-level error

A system-level error occurred while verifying trust

I also found that the end user had received an error at logon that their roaming profile could not be loaded, and they were also unable to access their My Documents.

With that information in hand we turned our attention to the storage appliance at the site, and it was found that the storage system’s clock was out by more than 5 minutes, breaking Kerberos and causing authentication to fail for the users attempting to connect to network shares.

Having never experienced a network file share outage impacting Outlook/Exchange in this manner with SSL errors I was interested to learn more. I found that the AppData folder for the users was also redirected to a share on the same storage appliance.

I found this article that on brief inspection seems to confirm that the section of the Application Data folder shown in the screenshot below is critical for SSL validation.

Outlook Error: The Application Experienced an Internal Error Loading the SSL Libraries

So it appears that the contributing factors in this situation were:

  1. Storage system clock skewed by more than 5 minutes, breaking Kerberos authentication
  2. Users unable to authenticate and access network file shares, including the redirected Application Data folder
  3. Lack of access to Application Data folder impacts SSL validation when Outlook is making HTTPS requests to Exchange
  4. Unable to validate the SSL cert, Outlook fails in a secure manner by preventing the client connecting to Exchange

Once the storage system clock was corrected and access resumed, the SSL errors were gone.

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. skide.godt

    I had this problem with Outlook 2016 and Exchange 2016 on-prem, the error “application experienced an internal error loading the SSL libraries” started to appear randomly for several users after migration from from Ex2010 to Ex2016. I spend days playing with this as it seemed totally random, appeared a couple of times a day for some users with no apparent correlation to anything else. The solution was to block TLS1.0, TLS1.1 and TLS_DHE cipher suites from the Ex2016 published on Load Balancer. If one does not have LB then most likely removing these protocols/ciphers from Ex2016 IIS should do the job.

    1. Paul Cunningham

      It might be, but that fix is for an issue that I normally see a different error for.

  2. Nick Carrazza

    I have the same issue with office 365 hosted Exchange looked at all local servers and there dates and times are fine got any Ideas could it be Microsoft’s Servers

    1. Paul Cunningham

      The only time I’ve ever seen this issue it was because of the factors I demonstrate in the article. Maybe there are other possible root causes, but those are the only ones I’ve ever seen.

  3. Matt

    This is a long shot, since its 7 months old, but I’m having the same issue in Citrix – upgrading from Exchange 2003 to 2010 – just like the previous post says.

    Users on Citrix are getting the same error “the application experienced an internal error loading the SSL libraries” when opening Outlook 2010. This is only happening on Citrix. The same user can open Outlook without any issues on their local machine, but gets the error when opening Outlook in Citrix.

    I haven’ been able to find any information about this error at all – and I’ve searched tons of pages.

    1. Paul Cunningham

      I’ve only encountered the issue in the wild once and it was due to the issue described in the article above (which I was able to reproduce in a lab). There may be other causes, but that is the only one I’m aware of.

  4. Joel

    Currently performing mailbox moves from 2003 to 2010 and we had this happen to us today in a Citrix environment for 1 user.

    We’ve checked for any issues related to your description above and have not come across any eye soars so far. Any advice on what to check for or how to troubleshoot?

    Thank you in advance Paul.

    Joel

Leave a Reply