Partner Blog 09-18-2019

Partner Advisory: In-browser CSR generation support dropped in Firefox 69

Tobias Zatti

What You Need to Know

Mozilla removed support for the non-standard (keygen) HTML element and HTMLKeygenElement DOM interface in Firefox 69. This aligns with the trend following other leading browsers:

  • Google Chrome removed support for this public key generator functionality in Chrome 57, shipped in March 2017.
  • The functionality was never implemented in Microsoft Edge.

This change does not affect active code signing certificates. They can be used until they expire.

Take Action

When you generate the CSR for a code signing certificate, use Microsoft Internet Explorer or Apple Safari.

If your customer's or your environment only permits usage of Firefox, consider using Firefox ESR or a portable copy of Firefox.

For more information, see our knowledge base article.

If you have questions or concerns, please contact Partner Support at


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


Pioneering the next wave of secure digital solutions 


Unlocking Device Trust Manager

A Q&A with DigiCert Director of Product Management Kevin Hilscher

6 reasons signed SBOMs are essential to software security