Vivaldi choosing an automatic certificate instead of asking
-
Good morning,
When trying to log in to the taxes portal or similar platforms, the system uses a personal certificate. I have two: a personal one and a company one. The issue is that Vivaldi is automatically selecting one of these instead of letting me choose. How can I change that so Vivaldi can ask me which one I need? I can't find how to do so.
Thanks! -
@petaqui No idea; sorry.
My guess is that you should see the same behavior in Chrome/Edge, since this is all controlled by Chromium (and we have made no changes to that code).
A couple of possibilities:
- The certs are not installed the same way, e.g. not in the same cert store
- The private key of one is missing (e.g. on an external device/smartcard that is not connected to the computer). It may be that if there is only one usable cert that is used.
- I don't know if Chromium respects it, but the TLS protocol permits the server to specify that it only accepts certificates from specific issuers.
- Chromium may have cached a previous selection of one of the certs.
Another thing is that TLS Client Certificates are generally a Usability Nightmare (TM)
Update: And another question: Have you, in the same run of Vivaldi used the selected certificate for that site? If so, the only way to change a Client Certificate is to shut the browser down completely, and restart. The chosen certificate is used the rest of the current session.
-
I used this page to generate three client certs:
https://itv.mit-xperts.com/clientssl/issue/Imported them into the Windows CertMgr (Current User/Personal)
Opened a clean profile of Vivaldi 7.0 Stable and visited:
https://itv.mit-xperts.com/clientssl/check/Result is it asks which one to use:
-
@petaqui said in Vivaldi choosing an automatic certificate instead of asking:
The issue is that Vivaldi is automatically selecting one of these instead of letting me choose.
I can not see such on my server.
I have two CA signed client certificates. When i wanted to access a protected area with Vivaldi, it showed a popup to select the client cert.
But the cert is always cached (a Chromium restriction with TLS 1.2 protocol, as i remember correct), so you need to restart Vivaldi if you want to use a different certificate.
