Untrusted certificates in Edge for iOS and Android

Brass Contributor

Hello,

Certficates deployed from Intune for iOS especially are not seen as trusted on Edge app even the trusted root certificate has been deployed as well.

 

I want to ask you how Edge is handling the certificates deployed from Intune on a iOS device and Android? Is any related documentation regarding Edge certificates for iOS and Android and best practices on how to push them via config profiles?

9 Replies

@dsmodus Hello!  Is this for certificate-based authentication?  If so, there is a note at the bottom of this section with more information: https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-client-support-certificate-b...

 

Thanks! 

 

-Kelly

@dsmodus- Were you able to solve this? I have a similar problem.
We've deployed the trusted root certificate to iOS/iPAD devices and it works in Safari, but not in Edge. In Edge sites are marked as untrusted.

 

@Kelly_Y - I can't find the note you're refering to.

 

- Tom Aril

No. We still have the same issue in Edge as you described.

@dsmodus @Tom_Aril Hi!  The only issue in our backlog that I can find is for Certificate Based Authentication on iOS.  If you are continuing to have issues, can you please submit diagnostic data through the browser?  Here are the instructions for mobile: 

 

  1. Tap the menu  > Send feedback.

  2. Under Describe what’s happening, describe your issue. Include as much detail about the issue as you can.

  3. Turn on Send device information and Include this screenshot.

  4. Tap Send.

-Kelly

Ok Kelly_Y, I will. Thanks.
Hello dsmodus,
Have you solved this problem.?

We have the same issue...
have you find a solution?

Hi @dsmodus Would you mind sending a screenshot of the symptoms you saw? Is it like the page is not secure?

 

Certificated based authentication(CBA) is not supported for Edge iOS due to the lack of the Apple’s API to allow 3rd party browser to access to the system keychain. The certificate in CBA is  users certificate, which is used to do the authentication. However, the certificate in your scenario is issued for a website. Not used for user authentication.

 

If you could provide a screenshot, that would be very helpful.

hi @Charlie_Lin 

 

Note side on IOS, we want to use the user pkcs certificate (deployed via Intune) to authenticate it on a local website in the browser edge.
During our various tests, the website closes the connection, unauthenticated user. As you mentioned, the certificate is probably not accessible from Edge (screenshot in attachement).
Is there a solution? Maybe use the "PKCS imported certificate" strategy?

This same process works very well or on Android.