nexus.officeapps.live.com

[Kings30 0]

Hi,

Whenever I open office application such as word, excel, powerpoint, etc. Eset showing notification "the certificate of this server (nexus.officeapps.live.com) has been marked by as untrustworthy and the connection is not safe.

Is this virus? i google this url by it seems it is under microsoft.

[Marcos 3,987]

Please carry on as follows:

- in the advanced setup -> tools -> diagnostics enable advanced protocol filtering logging
- reproduce the warning
- disable logging
- collect logs with ESET Log Collector and upload the generated archive here.

[Kings30 0]

Hi.

I've followed your procedures.

Please check generated archive from ESET Log Collector.

eav_logs.zip

[Kings30 0]

Sometimes not only nexus.officeapps.live.com but also odc.officeapps.live.com and nexusrules.officeapps.live.com too.

[Marcos 3,987]

CERT_TRUST_IS_UNTRUSTED_ROOT and CERT_TRUST_IS_PARTIAL_CHAIN is reported.

The certificate is signed by Fortinet which performs SSL inspection in your network but a valid root cert. is not installed on the client to establish trust.

[Kings30 0]

So what is the solution for this? Is there anything we can do to remove the ESET pop up everytime we open MS Office?

[Marcos 3,987]

You must import the Fortigate root certificate to clients' trusted root CA cert. store or avoid SSL filtering by Fortigate.

The root CA can be downloaded as per https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/874405/downloading-the-certificate

[Kings30 0]

Hi. Thanks. It seems to be working fine now. No Eset notifications regarding nexus.officeapps.live.com since the import of the Fortigate root certificate to clients' trusted root CA cert. store.