Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.
Category published:  M365,AZURE,INTUNE Microsoft SCCM,MEM,MDT WSUS   Click on the Category button to get more articles regarding that product.

MS Edge Chromium Stable 125 closes on W11 after you open it, two workaround

Posted by admin on 22.05.2024

Problems with Microsoft EDGE Chromium V125 Browser closes on W11 just after you open it


We had some people, including IT, reporting that after they updated to Microsoft Edge Chromium V125 Stable through WSUS on 22.05.2024, they could not start the browser anymore. Any repair attempt failed. The only solution we found this morning on one machine was to download the Beta 125 or Dev 126 Preview version. We did not have any more time to invest in this issue. People on the same domain/network/VLAN did not have any problems with physical or VM/VDI machines with V125. We are unsure if this has been related to the TLS CIPHER change that EDGE CHROMIUM also changed the last few weeks. (Google chrome 124 and Edge Chromium Probleme Webserver SSL-Brechen [DEU] – |


The affected IT person had an HP laptop with Windows 11 at their home office. Perhaps certificate revocation is blocked in the home office, but we did not have more time to investigate.



Quick Workaround they found number 1:

Download Edge for Business (

choose the “BETA” if that does not work use the early adapter “DEV”



Other people seeing this but had that earlier while using the BETA AND DEV as standard browser: (Clearly they where hit earlier by the BUG)


Quick Workaround they found number 2:

We are unsure if this may be related to the start page the users have and if the start page is http:// not https:// or if they have SECURE DNS turned ON somehow if YOU set the key below it will turn of secure DNS.

Registry HKCU / HKLM



GPO Policy

Microsoft Edge Browser Policy Documentation | Microsoft Learn


Configure Automatic HTTPS

Supported versions:

On Windows and macOS since 92 or later


This policy lets you manage settings for AutomaticHttpsDefault, which switches connections from HTTP to HTTPS.


This feature helps protect against man-in-the-middle attacks by enforcing more secure connections, but users might experience more connection errors.


Microsoft Edge attempts to upgrade some navigations from HTTP to HTTPS, when possible. This policy can be used to disable this behavior. If set to “AlwaysUpgrade” or left unset, this feature will be enabled by default.


The separate HttpAllowlist policy can be used to exempt specific hostnames or hostname patterns from being upgraded to HTTPS by this feature.


Starting in Microsoft Edge 111, “UpgradePossibleDomains” is deprecated and is treated the same as “DisableAutomaticHttps”. It won’t work in Microsoft Edge version 114.


Policy options mapping:


DisableAutomaticHttps (0) = Automatic HTTPS functionality is disabled.


UpgradeCapableDomains (1) = (Deprecated) Navigations delivered over HTTP are switched to HTTPS, only on domains likely to support HTTPS.


AlwaysUpgrade (2) = All navigations delivered over HTTP are switched to HTTPS. Connection errors might occur more often.


Use the preceding information when configuring this policy.


Supported features:

Can be mandatory: Yes

Can be recommended: Yes

Dynamic Policy Refresh: Yes

Per Profile: Yes

Applies to a profile that is signed in with a Microsoft account: Yes

Data Type:


Windows information and settings

Group Policy (ADMX) info

GP unique name: AutomaticHttpsDefault

GP name: Configure Automatic HTTPS

GP path (Mandatory): Administrative Templates/Microsoft Edge/

GP path (Recommended): Administrative Templates/Microsoft Edge – Default Settings (users can override)/

GP ADMX file name: MSEdge.admx

Windows Registry Settings

Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge

Path (Recommended): SOFTWARE\Policies\Microsoft\Edge\Recommended

Value Name: AutomaticHttpsDefault

Value Type: REG_DWORD


Example value:



Mac information and settings

Preference Key Name: AutomaticHttpsDefault

Example value:




Back to top



NOTE: If you were using “secure DNS,” it will be disabled by this! This can, undoubtedly, also be corrected with a policy (i.e., the resulting registry value), but I have not investigated this further.

NOTE: Edge cached that. Clearing all browser history solved this problem (if you experiment yourself, regularly clear the browser history)


Here are the locations mentioned:

Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge

Path (Recommended): SOFTWARE\Policies\Microsoft\Edge\Recommended



The Registry KEY AutomaticHttpsDefault
leads us to followinh change:

We are unsure at the moment if this has anything to with this option which came in V92 and has been redone.

Available for preview: Automatic HTTPS helps keep your browsing more secure – Microsoft Edge Blog (


When sites are loaded over HTTP, attackers can view or change page content in transit, or redirect you to a different location than you had expected. Most websites now support HTTPS, which can help protect against these man-in-the-middle attacks. However, too many of these sites aren’t configured to require HTTPS, leaving open a short window of opportunity for attackers before the site can redirect to the more secure protocol. Some sites may not redirect visits from HTTP to HTTPS at all, leaving some visitors with a less secure connection. To help protect your information as you browse, we are introducing a feature called Automatic HTTPS: now available for preview in Canary and Developer channels with Microsoft Edge 92.


Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol. The list of HTTPS-capable websites is based on Microsoft’s analysis of the web, and helps enable a more secure connection on hundreds of thousands of top domains. Automatic HTTPS upgrades your connection only on HTTPS-capable domains by default in order to prevent connection errors and potential performance issues.

 Category published:  M365,AZURE,INTUNE Microsoft SCCM,MEM,MDT WSUS   Click on the Category button to get more articles regarding that product.