How to make Firefox prompt for Windows's own certificate store's client certificates?

Cigarette Smoking Man

10/29/22, 3:01 PM

As per this blog post it should be possible: https://blog.mozilla.org/security/2020/04/14/expanding-client-certificates-in-firefox-75/

Yet when browsing a site which asks for a client certificate it doesn't open a prompt. (On the same site the prompt happens when installing said certificate in Firefox's own store.)

This happens using Firefox 89.0.2, Windows 10. The server is nginx with ssl_verify_client optional

626

1 + 2

windows

firefox

client-certificate

Peter Hahndorf

10/29/22, 5:25 PM

Did you changed the setting as described in the article?

Cigarette Smoking Man

10/29/22, 6:29 PM

@PeterHahndorf yup! And I now found the issue too: there is an "Authentication decision" tab in Firefox's Settings -> Privacy & Security -> View Certificates window. I had selected not to send the certificate once and that kept it in memory.

Score:0

Server

Cigarette Smoking Man

10/29/22, 6:32 PM

This does work, don't forget two things:

security.osclientcerts.autoload to true (as mentioned in the linked blog post)
clear the "Authentication decision" row for your website in Firefox's Settings -> Privacy & Security -> View Certificates if you had checked the (default) "Remember this decision" when picking a certificate.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to make Firefox prompt for Windows's own certificate store's client certificates?

TH: จะทำให้ Firefox แจ้งสำหรับใบรับรองไคลเอ็นต์ของที่เก็บใบรับรองของ Windows ได้อย่างไร

RO: Cum se face ca Firefox să solicite certificatele client ale magazinului de certificate Windows?

RU: Как заставить Firefox запрашивать клиентские сертификаты собственного хранилища сертификатов Windows?

VI: Làm cách nào để Firefox nhắc cho chứng chỉ ứng dụng khách của cửa hàng chứng chỉ của Windows?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.