cannot make Firefox load client cert from MacOS keychain
I am trying to get Firefox to load client certificates from a user's MacOS login keychain to support Mutual TLS. According to this Mozilla Security blog post I *should* be able to set 'security.osclientcerts.autoload' to 'true' in Firefox 75 or later, but I have not been able to make this work.
I am testing this on MacOS 10.15.5 Beta, with Firefox 76.0.1 (64-bit). I have imported a client certificate into my user's login keychain, and have confirmed that I can access a website that requires client certificates using Safari and that certificate.
I have set 'security.osclientcerts.autoload' to 'true' in my browser's configuration preferences, but when I attempt to browse to the website the connection fails with 'SSL_ERROR_HANDSHAKE_FAILURE_ALERT'. I have also tried creating a 'user.js' preferences file, but it did not help:
% cat user.js user_pref("security.default_personal_cert", "Select Automatically");
I very much need to make this work, and would appreciate any information about other configuration steps I need to take, or things I have missed.
所有回覆 (1)
FWIW: I filed bug 1637374 for this issue.