Forum Discussion
Raymond Preston
Aug 02, 2019Copper Contributor
How do i get Edge to trust our internal Certificate Authority
Is there any way to get edge to stop flagging our internal certs as non trusted ? Pkiview.msc shows that there are no problems with the CA windows shows the cert is trusted. Yet edge marks it as ...
Raymond Preston
Aug 28, 2019Copper Contributor
v-gapart Yes, On the latest version im still having every single cert signed by our internal CA marked as invalid by edge
When i click on the button there it brings up the Windows Certificate Dialog which shows the certificate is fine
Nothing crazy with the cert either its a Windows CA issued cert
v3 Template
sha512RSA
sha512
RSA 4096
Looks fine in internet explorer.
BalazsBerczi
Sep 15, 2020Copper Contributor
Did you have resolve this issue?
I have also an internal PKI and internal webistes. All internal sites showed UNSAFE.
Do you have maybe any resolution for this?
Thanks
Regs
Balazs
- Naomarn22Nov 12, 2023Copper Contributor
BalazsBerczi For anyone running across this I found the solution after a lot of searching and testing. You have to generate the CSR from MMC Certificates. Open advanced operations and then top section, select CN and the value of your FQDN. In the bottom section, select DNS and use FQDN again. Then just request your web server certificate how you normally do. To check open the cert and go details, scroll down and you should see Subject Alternative Names has the DNS name. Make sure you restart iis after you update it on your server.
- htcfreekSep 15, 2020Iron Contributor
Hi.
I had this problem a few weeks ago too. (Our internal CA was not trusted in Edge.)
I have fixed it by applying our IE-GPO (Internet Explorer settings) on the machine.
I think the problem is caused by an incomplete, incorrect or missing intranet sites list or intranet zone settings. (But I don't looked for the direct settings which was causing the problem.)
Best regards.
htcfreek
- Nawar-AlMallouhi310Sep 15, 2020Copper ContributorHi,
Can you explain how exactly?
Regards- htcfreekSep 16, 2020Iron Contributor
I don't know what I should explain to you exactly.
Unfortunatly at the moment I can't reproduce the problem.
But I think the reason could be one of the following setting if it is incorrect:
- Your root ca is not installed.
- Your url is not marked as meber of the zone intranet in the zone-site-list.
Can you posted the shown security warning id (like NET::ERR_CERT_COMMON_NAME_INVALID). You have to reenable the security warning to see it.
Regards.