Microsoft 365 and Office | Development | Other
Building custom solutions that extend, automate, and integrate Microsoft 365 apps.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 64%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFT%3C/text%3E%3C/svg%3E)
Hi fchambo
Thank you for reaching out to Microsoft Q&A Forum and sharing your detailed inquiry with screenshots regarding the issue with your NoNighter Copilot add-in. I understand how confusing it can be to encounter certificate-related challenges with Office Add-ins, especially when they affect only a single client while working smoothly for others.
The error message “The content is blocked because it isn’t signed by a valid security certificate” generally signifies that Excel is unable to validate the SSL/TLS certificate associated with the add-in’s resources. While this is common in development with self-signed certificates, seeing it in production may suggest an environmental or configuration issue on the client’s side as the issue impacts only one client.
From relevant research and documented cases, you may consider these recommended following steps and verifications.
Verify Server Certificate Configuration:
- Ensure the certificate used by your production site is issued by a trusted Certificate Authority (CA) and includes the full chain (intermediate + root). Missing intermediate certificates can cause Office to reject the content, even if the main cert looks valid in a browser.
- Check for any expired or mismatched certificates. If you're using a CDN or third-party endpoints for resources, verify their certificates as well.
Test Certificate in Browser:
- Ask the client to open the add-in URL in Microsoft Edge (with IE mode enabled) and look for any certificate warnings.
- Ensure the issuing CA is trusted on the client's machine.
Check for Network and Security Interference:
- If the organization uses SSL inspection or a proxy, confirm that the replacement certificate is trusted by Office.
- Some organizations enforce strict policies via Group Policy or Windows Defender Application Control that block unsigned or untrusted content. Ask if the client’s machine has additional security software or antivirus performing HTTPS filtering.
Clear Office Cache: Have the client clear the Office cache to rule out corrupted data. For guidance, refer to: Clear the Office cache - Office Add-ins | Microsoft Learn
Use Debugging Tools: Use browser DevTools on the client machine to inspect network calls and confirm if the certificate chain is intact. In Excel, if the task pane loads partially, press F12 to open the tools and check the Console/Network tabs.
Enable Office Add-in Debugging: In Excel, go to Options > Trust Center > Trust Center Settings > Add-ins and ensure “Require Application Add-ins to be signed by Trusted Publisher” is unchecked for testing purposes.
Note: The troubleshooting is mostly client-side, but confirming your server certificate configuration first is essential.
References:
- Validate an Office Add-in's manifest - Office Add-ins | Microsoft Learn
- Privacy and security for Office Add-ins
I hope one of these steps gets you back up and running. Please let us know how you get on, as your feedback can help others in the community facing the same problem.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.