How do i get Edge to trust our internal Certificate Authority

Is there any way to get edge to stop flagging our internal certs as non trusted ? Pkiview.msc shows that there are no problems with the CA windows shows the cert is trusted. Yet edge marks it as ...

BlakeDrumm

Microsoft

Mar 28, 2023

Raymond Preston in my experience the issue was due to the certificate not containing a Subject Alternative Name.

DNS=MS02-2022.contoso-2022.com

naseeb18

Copper Contributor

Apr 11, 2023

BlakeDrumm

i had the same problem with edge and chrome but not internet explorer .

here what i did to solve it :

1) On the destination server that need the certificate , launch mmc

2) add certificate => loalhost

3) Create custom Request => Proceed without enrollment policy => No template & PKCS#10

General Tab:

4) Frindly name : certificateWebServer

full : Common Name( "FDQN") ,email, country, Locality,Organization, Organization unit

5) in alternatif name , chose DNS and enter the same as Common Name( "FDQN")

6) in Extension tab => Key usage :

CRL Signing,Data enciperment,Decipher only,Digital signature, Encipher only

in Extension tab => Extended Key usage :

server authentificcation

clientauthentificcation

In private Key :

4096 and activate "Make private key exportable"

7) go on your PKI server (eg: http://myPki.lan/certsrv ) paste the request

😎 dowload .cer and install it.

test 🙂

Forum Discussion

How do i get Edge to trust our internal Certificate Authority

Resources