question

kongyoungseok-6666 avatar image
0 Votes"
kongyoungseok-6666 asked BogBoi-667 commented

How to get rid of "Not secure" mark in Edge browser (when insecure content/mixed content is allowed)

We are in the process of transitioning from IE11 to the Edge browser.

Our company's Internet network is a closed network.

We have been issued a valid SSL certificate. Therefore, the main site is normally accessed through HTTPS.

The main site screen did not appear normally because there were resources and links that were loaded via HTTP from the main site.

So I allowed insecure content (mixed content) in Edge browser settings.

When we did that, the address bar at the top was showing a "Not secure" message.

We must remove the "not secure" sign.

For some reason, it is not possible to change all linked resources to HTTPS.

I tried various settings in the registry referring to MS Docs, but I couldn't find the setting.

When using IE compatibility mode, the "Not secure" message was not displayed,

I don't want to use IE compatibility mode.

In the current state, there is no way to suppress the "not secure" message with registry settings or other settings.

Ask if there is. Thanks for reading.

ms-edge
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

YuZhou-MSFT avatar image
0 Votes"
YuZhou-MSFT answered BogBoi-667 commented

Hi @kongyoungseok-6666

There're two ways you can choose to suppress the "Not secure" message. Please refer to the following and choose one which fits you:

  • Option 1: Config OverrideSecurityRestrictionsOnInsecureOrigin policy to suppress the "Not secure" message.

    This policy can specify a list of origins (URLs) or hostname patterns (like "*.contoso.com") for which security restrictions on insecure origins don't apply.

    This policy also prevents the origin from being labeled "Not Secure" in the omnibox.

  1. Open Local group policy editor.

  2. Browse to the location Computer Configuration/Administrative Templates/Microsoft Edge.

  3. Double click Control where security restrictions on insecure origins apply.

  4. Click Enabled.

  5. Under Options, click Show... and type the URLs you want to apply this policy under Value, click OK.

  6. Click Apply, OK to save the policy setting.

  7. Restart Edge and navigate to the URLs you config in the policy to check the result.
    148409-image.png

  • Option 2: Change Edge flags to suppress the "Not secure" message.

  1. Open Edge, type edge://flags in the address bar, then press Enter.

  2. Type the word secure in the search box.

  3. Find Insecure origins treated as secure and change it to Enabled.

  4. Type the URLs you want to apply this flag in the text box below.

  5. Restart Edge and navigate to the URLs you config in the policy to check the result.
    148397-image.png


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Regards,
Yu Zhou


image.png (88.5 KiB)
image.png (41.2 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @kongyoungseok-6666

May I know whether your issue has been solved or not? If not, please share it here. We can work together to figure it out.

1 Vote 1 ·

Hello @YuZhou-MSFT

I just wanted to let you know I ran into this issue as well and used option 2 as a remedy. It solved the issue immediately and was super easy to manage.

Thank you for the clear instructions, it made for a very quick solve to this rather annoying little problem.

Best,
Bog Boi

0 Votes 0 ·