Symptoms
When trying to create a PandD package from within a SharePoint 2013 site (using the K2 app), the following error appears:
Content was blocked because it was not signed by a valid security certificate.
One has to click back in order to continue browsing and the file never downloads (this happens at the download step).
Diagnoses
The first thing we noticed was that there were two bindings in IIS for the K2 site - both HTTP and HTTPS. However, K2 was only intended to be used with HTTP.
We ran a Fiddler trace during the creation of the PandD package within SharePoint and noticed that for all steps, only HTTP URLs were used, however at the step where the user was supposed to download the actual PandD file, it tries to access a HTTPS URL. Because we used Fiddler at the time (since it's a proxy) we got a Certificate Error inside Fiddler and chose to continue, we were then able to successfully download the file.
The K2 site is using a self-signed certificate and Internet Explorer just never brought up the warning message with the option to continue, it just immediately brings up the "Content was blocked" error.
Resolution
It was found that even though HTTPS is not used, the Environment Field called "SmartForms Runtime SSL" was still created. It seems as though this field is needed by the K2 for SharePoint app to download the PandD file (and possibly other events).
The final solution to this issue was to edit that field in the Environment Library and change the value to the HTTP binding in IIS. After doing this, K2 didn't try to access any HTTPS binding during any operation of K2 related things in the SharePoint 2013 site collection.
So just to be clear, the name stayed the same - "SmartForms Runtime SSL" - however the value changed to the http binding.
