Microsoft ends its support for IE 11 browser on 31st October 2020. Hence, most companies want to ensure that the applications are compatible and certified with Chromium Edge. Chromium Edge browser has the features of both Google Chrome and IE Edge.
Site access issue in Chromium Edge
Some companies have faced issues with the website access in Chromium Edge which worked well in IE browser. Below is the error screenshot of the SharePoint Sites which worked in IE 11, but are now facing issues with Chromium Edge.
“Your Connection isn’t private
Attackers might be trying to steal your information from <<website-name>> (for example, passwords, messages, or credit cards).
Chromium Edge has a feature, which does not allow any website to be displayed if the SSL certificate has missing SAN (Subject Alternative Name). But in Chrome, if the error persists, there is a bypass option to access the site.
Follow the below steps for the resolution,
- Check for the Subject Alternative Name (SAN) in the current SSL Certificate
- Generate CSR for SSL certificate with SAN details
- Import the Signed Certificate in the server after receiving from Certificate Provider
- Bind the new certificate in IIS and check the site in Chromium Edge
Step-1: Check for the Subject Alternative Name in the SSL Certificate
- Click on the Certificate à Details à Check for the Subject Alternative Name
- The SAN details should me missing in the certificate
Step-2: Generate CSR for SSL certificate with SAN details
Follow the below steps to generate CSR for SSL certificate with SAN,
- Click on Run à MMC in the web server
- Click on File à Add or Remove Snapin
- In the dialog box, click on Certificates and Add
- Select Computer Account and click on Next
5. Select Local Computer and click on Finish and OK
6.Expand the Certificates tree and click on Personal
7.In the Personal Store, right click and select All Tasks à Advanced Operations à Click on Create Custom Request
8. In the Certificate Enrollment window, click on Next
9. Select “Proceed without enrollment policy” under custom request and click on Next
10.In the template drop down, select (No template) Legacy key and click on Next
11.In the Certificate Information page, click on the Details and click on Properties button,
12.In the Certificate Properties, provide the Friendly name and Description for the certificate. Click on Apply. There is a bug in MMC, that if the Apply button is clicked then the values won’t be saved after moving to the next tab in the Certificate Properties window.
13.In the Subject tab, provide the below details under Subject name. Type should be Full DN and the below values needs to be entered in Value field and click on Add.
Similarly add the other details,
CN = www.sitename.com
OU = domainname.com
O = Company Name
L = SG
S = SG
Where CN = Common Name, OU = Organization Unit, O = Office, L = Locality, S = State, C= Country
14.In the Alternative name, select the DNS in Type drop down and provide the alternate name as given below,
DNS = www.sitename.com
DNS = sitename.com
DNS = domainname.com
15.Click on Apply and select the Extensions tab
16.Click on “Extended Key Usage (application policies), select Client Authentication in the Available options and click on Add
17.Click on Apply
18.Select the Private Key tab, click on Key Options
19.In the Key size drop down, select 2048
20.Then select the check box “Make private key exportable” and click on Apply
21.Click on OK button and Next
22.In the File Name, enter the filename of the certificate and store it in a location with Base 64 file format and click on Finish
23.Copy the file and share it with the certificate provider for the SSL certificate signing
Step-3: Import the Signed Certificate in the server
Follow the below steps to import the signed certificate in the server provided by Certificate provider,
- Go to MMC à Certificates à Personal Store
- Right click and click on All Tasks à Import
- Select Next and browse the certificate which is stored in the respective location
- Click on Next and OK
- Now the certificate will be imported to Personal Store
Step-4: Bind the new certificate in IIS and check the site in Chromium Edge
Follow the below steps to bind the certificate in IIS,
- Click on Run à type inetmgr to load the IIS
- Click on the site where the certificate needs to be bind in IIS
- Click on Bindings option in the right side of the IIS and click on Edit in the https bindings
- In the SSL certificate drop down, choose the SSL certificate which is imported
- Click on OK and close the Bindings dialog box
- Browse the site and check whether the SAN details is part of the certificate
Check out our SharePoint Blogs.
Learn more about our SharePoint expertise, here.
You can also, Request A Demo.