As you may know, we are working to upgrade Webex’s embedded browser to Microsoft’s WebView2. Beginning with version 42.6 of Webex (June 2022), WebView2 will be required to use the Webex App on Windows. (The Mac and Linux clients are not affected.)
WebView2 can be installed on users' PCs in one of several ways:
The Webex App will not install WebView2 in VDI environments. Administrators must install WebView2 in VDI environments before updating to the June 2022 release (Webex App version 42.6).
We encourage you to review the options and take steps to expedite the adoption rate of WebView2 at your organization.
More information is available in the WebView2 Help article. If you have any questions, please respond to this post.
The FedRAMP Webex app is unable to seamlessly log users in via Okta SSO after your recent MS Edge Webview2 Runtime requirement. The login stalls at a Windows Security Popup box whereas, previously, the client would detect the user's desktop SSO and then log them straight into the Webex app. I've been working with FedRAMP TAC for months on this problem. The Webex app is the ONLY app that is requiring webview2 for login. Not even Microsoft Skype or Teams is using Webview2 so why is Cisco forcing this on everyone? TAC has provided a workaround of using the registry setting PreferredAuthenticationBrowser=MSHTML but MSHTML has vulnerabilities. Come on Cisco, make it so that the Webex app uses the default browser for authentication and call it a day.
We're seeing something similar (non-FedRAMP) but it only occurs occasionally and TAC has been unable to provide a root cause for us. Are you seeing it consistently across the board or also sporadically? I'd just like to know what to look for going forward as we have yet to update from 42.4 in our non-persistent VDI images (long story...).
It is consistent and happens every time. According to Webex engineers it is because the client does not know which certificate on the local machine to select when authenticating and they've provided us with a test client that will log which certs the client sees and which one it selects for authentication. Enterprise machines will have multiple certs so I hope they can solve this problem.
As with jim-j above, I too would appreciate further elaboration on VDI environments. Yes, we should install WV2 initially, but since we use non-persistent systems how is the "evergreen" installer expected to behave, for example? Can the HVD installer of Webex perform a similar WV2 install flag along with 42.4? Is there a cutoff of supported WV2 versions in Webex so we know how often updates of WV2 should be performed in our golden images? etc.