Why does Trust/Link block browser-based key generation on Google Chrome?

Google Chrome utilizes the <keygen> tag to generate certificate keys within the operating system it is installed on.
 
As of Google Chrome 49, the <keygen> function has been disabled by default.  The custom filetype handling has also been removed.  This breaks the functionality of the <keygen> tag within Chrome.
 
As a workaround, you should install your browser-based key generated certificate using Microsoft Internet Explorer (which still uses the CertEnroll.dll), Mozilla Firefox (which still supports the <keygen> function) or Safari on Mac (which also uses the <keygen> function).
 
Microsoft Edge does not support the <keygen> tag or the CertEnroll.dll ActiveX controls. At this time, Microsoft Edge should not be used for certificate creation.

Add Feedback