Safari browser on mac has a bug which causes client certificate authentication failure, although the same certificate works properly on other browsers (firefox, or chrome). It seems the safari browser does not pick the user selected certificate to answer the server challenge if more than one client certificate is available, as it always work properly if there is one client certificate available.
To workaround the issue, in the keychain utility, move all certificates from "logon/my certificate" folder to a different folder, and only leave the one you use for client certificate authentication. Then the authentiation should work, but as long as a second client certificate is added, it will stop working.
To workaround the issue, in the keychain utility, move all certificates from "logon/my certificate" folder to a different folder, and only leave the one you use for client certificate authentication. Then the authentiation should work, but as long as a second client certificate is added, it will stop working.
No comments:
Post a Comment