Share via

'Not Secure' warning on New Edge for site with trusted certificate chain

DaveK 1,871 Reputation points
2022-05-04T16:04:21.89+00:00

Hi, I've got a web based system which I'm supporting which is EOL, uses Silverlight and as such IE. The system which is being implemented to replaced this older Silverlight based one won't be available until around August time and with the retirement date of IE11 landing before then I've started to do some testing with the new Edge and IE11 Enterprise mode. Enterprise mode is working fine but we are getting 'Not Secure' warnings on the webpage with a description 'The site has a valid certificate issued by a trusted authority. However some parts of the site are not secure'.

The certificate is issued from our own PKI so I'm happy that is as it should be so I'm thinking there is something being detected within the webapp / Silverlight where it maybe be submitting something unsecure. As the all is only available internally on our network and has been used in IE11 for years, the security folk are happy to accept the risk and we are fairly sure this is just because the newer browser if checking something which IE11 didn't.

So my question would be, is there any way with Edge to disable this warning globally or for specific sites so these additional checks are not carried out?

Cheers

Windows for business | Windows Client for IT Pros | User experience | Other
Microsoft Edge | Microsoft Edge development
0 comments
Accepted answer
  1. Anonymous
    2022-05-06T02:40:57.497+00:00

    Hi anonymous userKwas

    I think you're experiencing the same thing described in the last two comments in this link. If there's any http-served content in your https page, it will show "Not Secure" in Edge IE mode. Actually, in this situation, it will also show not secure in IE by hiding the lock icon from the address bar.

    The default reference links to the Silverlight support pages are http. I suggest that you change the http references to https and make sure there's no http content in your pages.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Regards,
    Yu Zhou

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,926 Reputation points
    2022-05-09T07:47:30.28+00:00

    Hi there,

    You can hide the Not secure message by editing the group policy but it is not recommended to do so. Instead, try to look deeper into the issue and resolve it.

    You can hide the error message by editing this GPO OverrideSecurityRestrictionsOnInsecureOrigin. Microsoft Edge - Policies https://learn.microsoft.com/lt-lt/DeployEdge/microsoft-edge-policies#overridesecurityrestrictionsoninsecureorigin

    To resolve this issue, an organization that hosts the secure Web site can purchase a certificate for each Web server from a third-party provider. Or, the organization can install a Microsoft Enterprise certification authority in the Active Directory forest. Then, the organization can use this certification authority to generate a certificate for each Web server.

    https://support.microsoft.com/en-us/topic/-there-is-a-problem-with-this-website-s-security-certificate-when-you-try-to-visit-a-secured-website-in-internet-explorer-0b8931a3-429d-d0e2-b38f-66b8a15fe898

    ---------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.