0

As per this blog post it should be possible: https://blog.mozilla.org/security/2020/04/14/expanding-client-certificates-in-firefox-75/

Yet when browsing a site which asks for a client certificate it doesn't open a prompt. (On the same site the prompt happens when installing said certificate in Firefox's own store.)

This happens using Firefox 89.0.2, Windows 10. The server is nginx with ssl_verify_client optional

Cigarette Smoking Man
  • 103
  • 3
  • Did you changed the setting as described in the article? – Peter Hahndorf Jun 29 '21 at 17:25
  • @PeterHahndorf yup! And I now found the issue too: there is an "Authentication decision" tab in Firefox's Settings -> Privacy & Security -> View Certificates window. I had selected not to send the certificate once and that kept it in memory. – Cigarette Smoking Man Jun 29 '21 at 18:29

1 Answers1

0

This does work, don't forget two things:

  • security.osclientcerts.autoload to true (as mentioned in the linked blog post)
  • clear the "Authentication decision" row for your website in Firefox's Settings -> Privacy & Security -> View Certificates if you had checked the (default) "Remember this decision" when picking a certificate.
Cigarette Smoking Man
  • 103
  • 3