Browser popoup prompts user to pick a certificate


Hi All, and thanks if you can help…
Windows Server 2016 / IIS 10
Certificates generated using PKISharp/WinAcme

In some browsers (Chrome…) sometimes, a popup appears prompting the user to pick a certificate (among… a single certificate…) to authenticate to the website. I have dozens of websites and only some have this behavior… No clue in tech forums… I read something about the “60-days”, another article about breaks in the cert chain, but the cert is < 50 days and no old X1 authority certificate is present on the server (except a fake LE X1 I removed today).

Help appreciated, thanks in advance…



Hi @Greg45

do you have a screenshot?

There are mixed content warnings.

But these should not open such a popup.

Sounds like one instance want’s a client certificate.



Your web server is misconfigured to not only serve tls connection but ask for client certificate from clients…

Please try to reverse steps done in Step 4 to remove the request for client certificate when client connects.

Thank you


Thanks that makes me feel like an idot… The site was configured to “Accept” client certificates instead of “Ignore”…

Many many thanks stevenzhu :sunny:


Thanks for your quick answer I had as soon as you posted it.
I corrected the mixed contents. The site was configured to “Accept” certificates so I assume Chrome tries to send a cert if the site declares accepting them…
I set SSL parameters to “Ignore” client certificates, seems to work like a charm.
Many thanks.



@stevenzhu - @Greg45

Curious: Checked (2 days) with Chrome, FireFox and Edge - no “please give me your client certificate” warning.


Use your mobile device :neutral_face:



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.