Forum Discussion

Raymond Preston's avatar
Raymond Preston
Copper Contributor
Aug 02, 2019

How do i get Edge to trust our internal Certificate Authority

Is there any way to get edge to stop flagging our internal certs as non trusted ? Pkiview.msc shows that there are no problems with the CA windows shows the cert is trusted.

 

Yet edge marks it as invalid. If the cert is verified up to a trusted root CA it should be valid in edge just like it is in internet explorer.

    • Raymond Preston's avatar
      Raymond Preston
      Copper Contributor

      v-gapart Yes, On the latest version im still having every single cert signed by our internal CA marked as invalid by edge

       

       

      When i click on the button there it brings up the Windows Certificate Dialog which shows the certificate is fine 

       

       

      Nothing crazy with the cert either its a Windows CA issued cert 

       

      v3 Template
      sha512RSA
      sha512
      RSA 4096

       

      Looks fine in internet explorer.

      • BalazsBerczi's avatar
        BalazsBerczi
        Copper Contributor

        HiRaymond Preston 

         

        Did you have resolve this issue?

         

        I have also an internal PKI and internal webistes. All internal sites showed UNSAFE.

         

        Do you have maybe any resolution for this?

         Thanks

        Regs

        Balazs

  • I think it would be nice to have a list of urls that can ignore the certificate trust check.

  • GotToBeStrong's avatar
    GotToBeStrong
    Copper Contributor
    Bump: 2021 now and still no resolution? I've recently run into this deploying an internal ERP solution's web front-end. The solution is designed only to work in Edge; but Edge won't trust our internal domain CA certs no matter what I do. I even spent the last week upgrading PKI signing hash algorithms to make sure we were within current standards (even though the offline root CA in a multi-tier infrastructure shouldn't matter). The solution won't be public facing, so purchasing a public cert seems pointless and a waste for this essentially cosmetic warning.
    Looked at this every which way and while I can get Edge to give me different errors depending on how I construct the URL to request our ERP's web page the overarching end result is Edge simply doesn't seem to like internal Domain CA certs.

Resources