Guide to Resolve SharePoint Website Access Issues in Chromium Edge with SSL Certificate
10707
post-template-default,single,single-post,postid-10707,single-format-standard,mkd-core-1.0,sparks-ver-1.1.2,,mkd-smooth-page-transitions,mkd-ajax,mkd-grid-1300,mkd-blog-installed,mkd-header-standard,mkd-no-behavior,mkd-default-mobile-header,mkd-sticky-up-mobile-header,mkd-dropdown-slide-from-bottom,mkd-header-style-on-scroll,mkd-full-width-wide-menu,mkd-header-standard-in-grid-shadow-disable,wpb-js-composer js-comp-ver-5.2.1,vc_responsive
totalebizsolutions.com

News & Events

Guide to Resolve SharePoint Website Access Issues in Chromium Edge with SSL Certificate

Introduction 

Microsoft ends its support for IE 11 browser on 31st October 2020. Hence, most companies want to ensure that the applications are compatible and certified with Chromium Edge. Chromium Edge browser has the features of both Google Chrome and IE Edge. 

Definitions/Abbreviations 

resolve-sharepoint-access-issues1 

Site access issue in Chromium Edge 

Some companies have faced issues with the website access in Chromium Edge which worked well in IE browser. Below is the error screenshot of the SharePoint Sites which worked in IE 11, but are now facing issues with Chromium Edge.  

“Your Connection isn’t private 

Attackers might be trying to steal your information from <<website-name>> (for example, passwords, messages, or credit cards). 

NET:ERR_CERT_COMMON_NAME_INVALID 

………………………………………………………………….. 

 

resolve-sharepoint-access-issues2

Chromium Edge has a feature, which does not allow any website to be displayed if the SSL certificate has missing SAN (Subject Alternative Name). But in Chrome, if the error persists, there is a bypass option to access the site.  

Resolution steps 

Follow the below steps for the resolution, 

  1. Check for the Subject Alternative Name (SAN) in the current SSL Certificate 
  2. Generate CSR for SSL certificate with SAN details 
  3. Import the Signed Certificate in the server after receiving from Certificate Provider 
  4. Bind the new certificate in IIS and check the site in Chromium Edge 

 Step-1: Check for the Subject Alternative Name in the SSL Certificate 

  1. Click on the Certificate à Details à Check for the Subject Alternative Name 
  2. The SAN details should me missing in the certificate 

Step-2: Generate CSR for SSL certificate with SAN details 

Follow the below steps to generate CSR for SSL certificate with SAN, 

  1. Click on Run à MMC in the web server 
  2. Click on File à Add or Remove Snapin 
  3. In the dialog box, click on Certificates and Add 
  4. Select Computer Account and click on Next 

5. Select Local Computer and click on Finish and OK 

6.Expand the Certificates tree and click on Personal 

7.In the Personal Store, right click and select All Tasks à Advanced Operations à Click on Create Custom Request 

8. In the Certificate Enrollment window, click on Next 

9. Select “Proceed without enrollment policy” under custom request and click on Next 

10.In the template drop down, select (No template) Legacy key and click on Next 

11.In the Certificate Information page, click on the Details and click on Properties button, 

12.In the Certificate Properties, provide the Friendly name and Description for the certificate. Click on Apply. There is a bug in MMC, that if the Apply button is clicked then the values won’t be saved after moving to the next tab in the Certificate Properties window. 

13.In the Subject tab, provide the below details under Subject name. Type should be Full DN and the below values needs to be entered in Value field and click on Add. 

Similarly add the other details, 

CN = www.sitename.com 

OU = domainname.com 

O = Company Name 

L = SG 

S = SG 

C= SG 

Where CN = Common Name, OU = Organization Unit, O = Office, L = Locality, S = State, C= Country 

14.In the Alternative name, select the DNS in Type drop down and provide the alternate name as given below, 

DNS = www.sitename.com 

DNS = sitename.com 

DNS = domainname.com 

15.Click on Apply and select the Extensions tab 

16.Click on “Extended Key Usage (application policies), select Client Authentication in the Available options and click on Add 

17.Click on Apply  

18.Select the Private Key tab, click on Key Options 

19.In the Key size drop down, select 2048 

20.Then select the check box “Make private key exportable” and click on Apply 

21.Click on OK button and Next 

22.In the File Name, enter the filename of the certificate and store it in a location with Base 64 file format and click on Finish 

23.Copy the file and share it with the certificate provider for the SSL certificate signing 

 Step-3Import the Signed Certificate in the server 

 Follow the below steps to import the signed certificate in the server provided by Certificate provider, 

  1. Go to MMC à Certificates à Personal Store  
  2. Right click and click on All Tasks à Import 
  3. Select Next and browse the certificate which is stored in the respective location 
  4. Click on Next and OK 
  5. Now the certificate will be imported to Personal Store 

Step-4: Bind the new certificate in IIS and check the site in Chromium Edge 

 Follow the below steps to bind the certificate in IIS, 

  1. Click on Run à type inetmgr to load the IIS 
  2. Click on the site where the certificate needs to be bind in IIS 
  3. Click on Bindings option in the right side of the IIS and click on Edit in the https bindings 
  4. In the SSL certificate drop down, choose the SSL certificate which is imported 
  5. Click on OK and close the Bindings dialog box 
  6. Browse the site and check whether the SAN details is part of the certificate 

Check out our SharePoint Blogs. 

Learn more about our SharePoint expertise, here. 

You can also, Request A Demo