Partner Blog 09-18-2019

Partner Advisory: In-browser CSR generation support dropped in Firefox 69

Tobias Zatti

What You Need to Know

Mozilla removed support for the non-standard (keygen) HTML element and HTMLKeygenElement DOM interface in Firefox 69. This aligns with the trend following other leading browsers:

  • Google Chrome removed support for this public key generator functionality in Chrome 57, shipped in March 2017.
  • The functionality was never implemented in Microsoft Edge.

This change does not affect active code signing certificates. They can be used until they expire.

Take Action

When you generate the CSR for a code signing certificate, use Microsoft Internet Explorer or Apple Safari.

If your customer's or your environment only permits usage of Firefox, consider using Firefox ESR or a portable copy of Firefox.

For more information, see our knowledge base article.

If you have questions or concerns, please contact Partner Support at


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


Survey says: 1/3 of leaders are more vulnerable than they think

Making smart homes smarter: How TUO adds security to every device

A Q&A with TUO Accessories Co-Founder and CEO Sam Gabbay

Lessons from the Equifax data breach

How poor certificate visibility led to a
76-day-long leak of sensitive information