Partner Advisory: In-browser CSR generation support dropped in Firefox 69

What You Need to Know

Mozilla removed support for the non-standard (keygen) HTML element and HTMLKeygenElement DOM interface in Firefox 69. This aligns with the trend following other leading browsers:

  • Google Chrome removed support for this public key generator functionality in Chrome 57, shipped in March 2017.
  • The functionality was never implemented in Microsoft Edge.

This change does not affect active code signing certificates. They can be used until they expire.

Take Action

When you generate the CSR for a code signing certificate, use Microsoft Internet Explorer or Apple Safari.

If your customer's or your environment only permits usage of Firefox, consider using Firefox ESR or a portable copy of Firefox.

For more information, see our knowledge base article.

If you have questions or concerns, please contact Partner Support at sslpartnersupport@digicert.com.


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

Featured Stories


Why It’s Never Been a Better Time to Automate


DigiCert shuts down legacy Symantec TLS systems with migration of more than 250,000 customers and partners to CertCentral


Looking beyond the Lock – Reliable Identity in Today’s Web Age