How to fix the ERR_SSL_KEY_USAGE_INCOMPATIBLE Microsoft Edge?

Jesse Mead 65 Reputation points
2024-01-29T18:00:58.24+00:00

This is being seen when we try to go to a self signed certificate in latest version 121.0.2277.83 64-bit. We get this error ERR_SSL_KEY_USAGE_INCOMPATIBLE. Is there a fix for this?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,589 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,635 questions
{count} votes

4 answers

Sort by: Most helpful
  1. Jaden Moore 80 Reputation points
    2024-01-29T19:14:53.8466667+00:00

    I have had this same issue all morning. My entire software infrastructure has been offline after my devices updated to Edge 121.0.2277.83 and gave me the ERR_SSL_KEY_USAGE_INCOMPATIBLE issue.

    I fixed it through the following steps:

    1. I had to create a new self signed SSL certificate through PowerShell, using the following command: New-SelfSignedCertificate -FriendlyName ANY_CERT_NAME -DnsName YOUR_SERVER_PC_NAME -KeyUsage DigitalSignature (the main change here is the KeyUsage type - the IIS Manager wouldn't let me create self signed certificates with this type).
    2. Go into your IIS Manager, and edit your sites' bindings to use the newly created certificate. This guide shows exactly how I did it: https://docs.tenable.com/identity-exposure/Installation/Content/06_Manage/view-IIS-certificate.htm

    Hope this helps.

    16 people found this answer helpful.

  2. Dennis A 5 Reputation points
    2024-01-30T17:52:32.0966667+00:00

    Jaden, thanks for your help, the solution worked for me. One note though - I had to use CERTLM-MMC to manually copy newly created certificate to the Trusted Root Certification Authorities store.

    1 person found this answer helpful.

  3. Markus Louw 1 Reputation point
    2024-08-12T11:34:41.45+00:00

    I had to install a web service on a server and got this error. There were 2 certificates available for me to use when binding to https, I got this error with the first cert, but the 2nd one was ok and did not give this error.

    0 comments No comments

  4. Matthew Teague 0 Reputation points
    2024-09-12T16:08:51.8933333+00:00

    Use firefox... I use edge primarily but this is an issue that exists on both edge and chrome. For accessing routers and self-signed cert sites you can use firefox to avoid these unnecessary restrictions. Otherwise, you can start using letsencrypt to generate certificates for your personal infrastructure. That would likely solve the issue for you in this instance.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.