SSL error during redirect from office 365 oauth


When authenticating an Office 365 account, a redirect will be made to localhost using HTTP. However, chrome now ‘forces’ HTTPS, causing an SSL error without actually adding the account.

It could be that this does not only occur for Office 365. However, I don’t remember it happening on any of my other accounts.

To Reproduce…

Steps to reproduce the behavior:

  1. Use Chrome as default browser
  2. Add account in mailspring
  3. Select Office 365
  4. Go through the authentication process until an SSL error occurs.

Expected Behavior

No SSL error should occur, either it should accept the fact that SSL was used for communication and use HTTPS, or it should use HTTP (quite difficult since chrome is very stubborn)


Will add as soon as the problem occurs again. (should be soon since I am also having this issue)


Mailspring: 1.9.2-6e14dad1
Chrome: 96.0.4664.110
Platform: Windows 10
Installation: EXE installer

Additional Context

I believe you are running a local HTTP server to receive the oauth2 code, this server could check if SSL was used for the connection, and if it was, it should redirect to another port for HTTPS.

The certificate used for HTTPS could be self-signed or alternatively, I am not 100% sure this works, you could add your own host to the hosts file, e.g., and get a certificate for that domain from an official certificate authority.

A screenshot of the error happening in chrome.