I was checking the URLs used for downloading and updating Microsoft 365 apps on our Windows systems, and I found references to http://officecdn.microsoft.com. I'm curious if anyone knows if this actually only uses HTTP instead of HTTPS for these large files. What are the correct subdomain URLs I should be aware of, and is there something more to this?
4 Answers
Actually, it initially connects via HTTP but then redirects to HTTPS. The use of HTTP might be for compatibility reasons, but rest assured, the actual downloads occur over a secure connection. So, you're safe!
You might want to check out this link: [https://connectivity.office.com/](https://connectivity.office.com/). It could provide you with more insights and help clear up any questions you have about connectivity.
Yeah, sometimes I wonder if anyone's watching when you download Office. It's quite the thought! But seriously, there's usually nothing to worry about.
Many CDNs use HTTP for file delivery but employ signature checks through secure channels. This method also allows setting up caching proxies. Given that Windows Update uses HTTP, I wouldn't be shocked if Office does the same.
Got it! To configure firewall rules or adjust VPN settings, do I need to account for both HTTP and HTTPS, even if Microsoft mainly lists the HTTP? That's good to know.