Root CA DOESN'T WORK in Internet Explorer 11 - but DOES work in Edge, Firefox

Question

On a few user's workstations, I'm seeing an issue.

Though this "Root CA" is in the Trusted Root Certification Authorities Store, for both their machine and their user, IE11 will not trust this certificate.

I can browse to the same site in Edge with no trust issue. Same for Firefox with security.enterprise_roots.enabled = true

95% of other devices with the same certificate store settings are NOT having this issue.

The only other thing that might be important - my sample testing machine where this is NOT an issue is running IE 11.1006.17134.0 - a machine WITH the issue is running IE 11.1.18362.0. Can't seem to find any helpful information on changes between these versions.

TL;DR: why is my root CA not working in IE but works in other browsers?

score 0 · Accepted Answer · answered Oct 02 '19 at 15:17

0

This has something to do with the fact that the root CA is SHA-1. I would expect Edge to also reject the certificate if this is the case, but I'm noticing that only later versions of IE have this problem.

answered Oct 02 '19 at 15:17

beansbeans

71
1
7

Root CA DOESN'T WORK in Internet Explorer 11 - but DOES work in Edge, Firefox

1 Answers1