ssl microsoft-edge pki

SSL Client certificate Microsoft Edge


I am having an issue with client-side certificates in the MS Edge browser, Windows 10. Basically, my PKI structure is the following:

RootCA(self signed 4096) -> Intermediate CA (signed by RootCA 2048)-> One Server Certificate, One client Certificate (both signed by Intermediate CA)

Apache is set up with the following SSL options:

SSLCertificateFile - cert generated by Intermediate CA 2048

SSLCertificateKeyFile  - keyfile of above cert

SSLCACertificateFile  - Cert of my Intermediate CA chained with RootCA cert

SSLCARevocationFile - CRL list generated by Intermediate CA

SSLVerifyClient require 

SSLVerifyDepth 10

SSLOptions +StdEnvVars

The client certificate is generated as a PKCS#12 chain file.

Now, I have tested with Firefox, Chrome and Internet Explorer 11 and everything is working as expected: without a certificate you get a 403 page, while when the certificate is imported you can log in and the certificate is read by a PHP file that basically outputs the info collected with +StdEnvVars.

On Microsoft Edge v25.10586.0.0, when I go to the https location, I get the certificate selection window, but when I select the appropriate certificate I still get a 403 error. It is driving me nuts since it works pretty much everywhere except in the Edge browser. Can anyone give me a hand, at least with where to start looking?


Solution

  • Of course, the issue was more than stupid... For Edge to be able to pick up the correct certificate and use it, you have to re-log or reboot...