Ask a Question

Advanced Search

Alert ID : GN280819051110

Last Modified : 09/11/2019

Keygen support dropped with Firefox 69

Description

What is Keygen?

The HTML <keygen> element exists to facilitate generation of key material, and submission of the public key as part of an HTML form. This mechanism is designed for use with Web-based certificate management systems. It is expected that the <keygen> element will be used in an HTML form along with other information needed to construct a certificate request, and that the result of the process will be a signed certificate.

What is happening?

The support for the non-standard <keygen> HTML element and HTMLKeygenElement DOM interface has been removed with Firefox 69.

You will need to use an alternative browser such as Internet Explorer or Safari when you pick up your certificate.

Note: There is no action required on your current certificate. You can use it until expiry.

Who will it affect?

The following enrolment types will be affected;

  • SMIME
  • Client Certs
  • Code Signing
  • Admin IDs

Essentially, any enrolment that uses the browser to generate the key pair will cease to work with Firefox 69 onwards.

What Browsers support Keygen?

What action do you need to take?