Client Certificates and FireFox

GRGodoi picture GRGodoi · Aug 26, 2009 · Viewed 20.4k times · Source

I need some help to understand what is happening with my web application. I have a simple web app (c# .Net 2.0) that uses a smartcard authentication. In my testing box (win 2k3 32 bits, iis6) everything works fine but in my production box (win2k3 64 bits, iis6) firefox is unable to send the certificate, hosted in the card, to the server (the collection Request.ClientCertificate is empty). If I try to browse the same production site with IE (6, 7 and 8) or Safari it works.

IIS's configuration is the same on both servers: same ssl certificates, same CTL. I’ve been read a lot about firefox problems with certificates but none of them matches mine.

If any of you can give a clue of what is happening I will be very thankful.

Glauco.

Answer

Martin Paljak picture Martin Paljak · Aug 26, 2009

Do you run Firefox on the same machine (and thus the 64/32 bit difference) or both times on the same client computer (I would assume 32bit here), and it does not work for you when the server is different (64bit)?

Does Firefox see the certificate (Preferences -> Advanced -> Encryption -> "View certificates -> My Certificates" and "Security devices")? Enable "Ask every time" for certificate selection and verify that Firefox indeed tries to use the card.

Which card (manufacturer, type) and software (PKCS#11 provider) do you use?