Does anyone know exactly what is needed for browser to either select or prompt for client certificae when connecting to GP portal? I know you need a client sert in personal user store and certificate profile on GP portal. But still i find the behaviour very random. I have 3 GP portals with self signed CA. And a few test machines. For 1st portal get prompted if I have the correct CA in trusted root and a client certificate from the same root from every machine. For 2nd portal i have mixed situation; some machines get prompted, some don't. For 3rd portal I don't get prompted anywhere. There is never any difference between different browsers. Either all prompt or none. I also have one test machine which prompts for 1st portal, but doesn't prompt for 2nd even tho it doesn't have either of those 2 CAs as trusted root. So what are all the required components to have a browser either use or prompt for user certificate? From my testing; you need client cert in user store, cert from the same CA in trusted root, appropriate cert profile on GP portal. But in some cases even when you have all those the browser doesn't use or prompt for client cert. What else is missing? I know it's not PA issue, but non-PA self signed CA is the one on first portal which works the best. And most issues are happeneing on PA self signed CAs. .
... View more
