I am having an issue with client-side certificates in the MS Edge browser on Windows 10. Basically, my PKI structure is the following:
RootCA(self signed 4096) -> Intermediate CA (signed by RootCA 2048)-> One Server Certificate, One client Certificate (both signed by Intermediate CA)
Apache is set up with the following SSL options:
SSLCertificateFile - cert generated by Intermediate CA 2048
SSLCertificateKeyFile - keyfile of above cert
SSLCACertificateFile - cert of my Intermediate CA chained with RootCA cert
SSLCARevocationFile - CRL list generated by Intermediate CA
SSLVerifyClient require
SSLVerifyDepth 10
SSLOptions +StdEnvVars
The client certificate is generated as a PKCS#12 chain file.
Now, I tested with Firefox, Chrome and Internet Explorer 11 and everything is working as expected - without a certificate you get a 403 page, while when the certificate is imported you can log in and the certificate is read by a PHP file that basically outputs the info collected with +StdEnvVars.
On Microsoft Edge v25.10586.0.0, when I go to the HTTPS location, I get the certificate selection window, but when I select the appropriate certificate I still get a 403 error. It is driving me nuts since it works pretty much everywhere except in the Edge browser. Can anyone give me a hand, at least with where to start looking?
Of course, the issue was more than stupid... For Edge to be able to pick up the correct certificate and use it, you have to re-log or reboot...
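A browser-independent way to rule out the PKI and the CA bundle when only one browser returns 403, as an added example that is not from the original post: the script builds a throwaway chain shaped like the one described, exports the client certificate as PKCS#12, and checks it with openssl verify against the same bundle that would go into SSLCACertificateFile. The subject names, file names and the password "test" are constructed for the example.

```shell
#!/usr/bin/env bash
# Added example: throwaway PKI shaped like the post's (constructed names, test password).
set -eu

issue() {  # issue <name> <bits> <ext-section> <subject> [signing CA name]
  openssl genrsa -out "$1.key" "$2" 2>/dev/null
  openssl req -new -key "$1.key" -subj "$4" -out "$1.csr"
  if [ -n "${5:-}" ]; then
    openssl x509 -req -in "$1.csr" -CA "$5.crt" -CAkey "$5.key" -CAcreateserial \
      -extfile ext.cnf -extensions "$3" -days 2 -out "$1.crt" 2>/dev/null
  else  # no signing CA given: self-signed root
    openssl x509 -req -in "$1.csr" -signkey "$1.key" \
      -extfile ext.cnf -extensions "$3" -days 2 -out "$1.crt" 2>/dev/null
  fi
}

make_pki() {  # make_pki <dir>
  ( cd "$1"
    printf '%s\n' '[ca]' 'basicConstraints=critical,CA:TRUE' \
      '[client]' 'basicConstraints=CA:FALSE' 'extendedKeyUsage=clientAuth' > ext.cnf
    issue root 4096 ca '/CN=Example Root CA'
    issue inter 2048 ca '/CN=Example Intermediate CA' root
    issue client 2048 client '/CN=example-user' inter
    cat inter.crt root.crt > ca-chain.crt   # the bundle SSLCACertificateFile would hold
    openssl pkcs12 -export -inkey client.key -in client.crt -certfile ca-chain.crt \
      -passout pass:test -out client.p12 )
}

# Pull the leaf out of the .p12 and validate it for TLS client auth against a CA file.
verify_p12() {  # verify_p12 <ca-file> <p12> ; exit status 0 means the chain builds
  local leaf; leaf=$(mktemp)
  openssl pkcs12 -in "$2" -clcerts -nokeys -passin pass:test -out "$leaf" 2>/dev/null
  openssl verify -purpose sslclient -CAfile "$1" "$leaf" >/dev/null 2>&1
}

PKI_DIR=$(mktemp -d)
make_pki "$PKI_DIR"
verify_p12 "$PKI_DIR/ca-chain.crt" "$PKI_DIR/client.p12" && echo "full chain: OK"
verify_p12 "$PKI_DIR/root.crt" "$PKI_DIR/client.p12" || echo "root only: rejected"
```

If the real .p12 passes this check against the real bundle, the chain and the server-side CA file are consistent and the fault lies with the client. The check does not consult the CRL configured in SSLCARevocationFile.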