Mailbox Creation failure - Exchange 2016 CU22
I forgot to mention sometimes i have seen 127.0.0.1 or ::1 have its own binding without a SSL assigned and you should check this.
Can you browse to the website in IE on the server without an issue?
Legend! That's the issue. I couldn't access ECP or OWA using https://localhost, or even https://ex01.mydomain/ecp. The strange thing is I can access both ECP and OWA extenally using https://publicDomain.com/owa or ecp. The problem was Hostname was filled in and SNI was enabled for the binding, here is the new binding setup:
hostname: make sure it's blank
Require Server Name Indication: untick
Thanks for all your help.