There are some situations in which Proxy SSL (Secure Socket Layer) Bumping/Break and Inspect may cause the Office Real-Time Presence feature to not work as expected on desktop applications, leading to issues with collaboration and document editing. 

Why is this happening? 

  • Office attempts to connect to a real time service URL and retrieve a leaf server certificate to set up the handshake.

  • In some customer networks, SSL inspection on that URL may cause the certificate retrieved to be signed by a different intermediate authority than the default Microsoft authority.

  • Office must follow the certificate chain from the leaf to the root certificate to trust the leaf certificate and establish the real-time connection. If it is unable to locate the intermediate certificate, a handshake cannot be established.

What can I do about it? 

We recommend the following steps to ensure the Real-Time Presence feature works correctly: 

  • Exempt URLs from SSL Inspection: Admins can exempt the set of URLs (*.officeapps.live.com) from SSL inspection and SSL bumping entirely.

  • Verify Certificate Chain: Admins can ensure that the certificate chain issued by their own proxy authority (from the leaf to the root certificate) is deployed on all client machines. Alternatively, configure your proxy to return the full certificate bundle including intermediate certificates.

Important: If these steps do not resolve the issue, consider reaching out to Microsoft Support for further assistance.

Learn more 

Collaborate on Word documents with real-time co-authoring - Microsoft Support 

Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn (entry 46) 

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.