Self-signed trusted root certificate is not recognized by Edge

Question

For development, my team is using a self-signed SSL certificate. After installing the certificate in my machine's Trusted Root Certification Authorities store, the SSL certificate is recognized as valid in Chrome and IE 11:

Internet Explorer 11:

Chrome 69:

But Edge (version 42) seems to be ignoring the certificate:

Based on the message I'm getting from Edge ("This might be because the site uses outdated or unsafe TLS security settings"), I thought that my local development server might be using an outdated TLS version, but I can verify in Chrome's development tools that traffic is being encrypted using TLS 1.2:

Why does Edge seem to be ignoring my self-signed certificate that I have installed as a Trusted Root Certificate? How can I fix it?

Things I've tried:

Installing the same certificate in my Personal and Intermediate Root Certification Authorities stores
Restarting my machine

For self signed certificates on Windows, the certificate name must exactly match the machine name. I always add localhost too. This means that you sometimes must rename your computer to be a valid DNS name. Then add the name to your hosts file. — John Hanley

Nathan Friend Nathan Friend · Accepted Answer · 2018-11-01T13:45:40

After quite a bit of investigation, we discovered the root cause - our company's antivirus software (Sophos) is blocking Edge (and only Edge) from reaching internal IP addresses. Edge's error message - "outdated or unsafe TLS security settings" - was misleading; Edge's requests weren't able to make it to the wire at all.

Self-signed trusted root certificate is not recognized by Edge

2 Answers