Jul 14 2020 03:55 AM
Hi,
I am trying to request advanced certificate from certification authority via Edge Chromium (version 83.0.478.58). The CA supports only http connection. I am connecting to CA in IE mode. The CA is in the Intranet zone. When I clicked on the link "Create and submit a request to this CA" the information "The Web site is attempting to perform a digital certificate operation on your behalf...." was not displayed and on the page with Advanced Certificate Request the CSP field did not display providers there was only Loading message. In IE on the same computers everything works fine. Could you please give me some advice how to solve this issue in Edge Chromium?
Jul 15 2020 03:27 AM
Jul 15 2020 06:04 AM
@HotCakeX thank you for response.
In normal Edge mode when I clicked on advanced certificate request I was directly redirected to "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file. " page.
The page where I have option to select "Create and submit a request to this CA. " or "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file. " was not displayed.
Sep 28 2020 04:09 AM
I think this is technological limitation of Edge Chromium, it doesnt support needed technology (ActiveX).
The Web Enrollment role hasn't goten virtually any update since WS 2008 , seems development of it is pretty abandoned. Just keep some IE's.
https://docs.microsoft.com/en-us/troubleshoot/browsers/csp-shows-loading-for-certificate-request
Sep 30 2020 05:20 AM
Thank you for response. We are trying to simplify environment as much as possible but it seems that vision to have only one web browser is not realistic.
Oct 05 2020 12:49 AM
@VjekoV I got little more information from MS.
Indeed - the webpage hasnt gotten any recent updates to make it compatible with Edge. Currently IE engine is present on all supported MS Windows OS'es , and remains there until lifecycle ends. So "easy" solution is to remeber to open certificate enrollment page always with IE. If You need more Enterprise solution - You should investigate Edge IE Enterprise mode ( which allows automatic redirection/opening of listed sites in IE) - https://docs.microsoft.com/en-us/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie...
Oct 06 2021 10:52 AM
I do realize this is an old post, but here we are 2021 October and now Windows 11 doesn't include IE at all. Haven't had a chance to try Server 2021 to see if its pki finally fixed this problem? Seems like a MASSIVE miss if it doesn't fix the problem.
Mar 01 2022 07:27 AM
Mar 01 2022 08:45 AM
@J 1901 Commercial (at least standard solution) is no option for company using PKI heavily in infra ( for example automatically enrolling and renewing user/device certificates , 802.1X authentication, etc) . And this part is working well. If Your company size is thousands of endpoints it should be handled automatically ( GPO, certificate templates does great job here) BUT some part is stuck in history which makes entire MS PKI solution not modern :( .
May 11 2022 09:32 AM