Chrome doesn't prompt to use a local certificate after setting up client certificate authentication on Apache

authentication apache-2.2 ssl-certificate

Chrome doesn't support post-handhsake authentication, that is, renegotiating SSL and sending a client certificate when the connection is already established, because (from the Chrome bugreport page)

Post-handshake authentication has a mess of security, semantics, and DoS issues. (...) Some spec work is needed to make it defined in HTTP/1.1 at all and, more importantly, explicitly undefined in HTTP/2 in favor of a multiplexing-friendly solution (...)

In Firefox, you can turn it on, but it is not enabled by default, for the same reasons Chrome does not implement it.

You can check the bug reports (Firefox, Chrome) for additional info.

I think what you can do is to set the SSLVerifyClient to optional, move it to the VirtualHost level (with any SSL* directives, so the certificate will be requested during handshake), and require the presence of a certificate in the .htaccess file like this:

AuthName "Admin resource"
AuthType Basic
Require ssl-verify-client

Related

Which versions of Ubuntu share /etc/sysctl.conf compatibility? [closed]
Preserve ownership with rsync, without root
Converting an array of objects to an array of their primitive types
Tensorflow - ValueError: Failed to convert a NumPy array to a Tensor (Unsupported object type float)
Javascript parse float is ignoring the decimals after my comma
Why do I get TypeError: can't multiply sequence by non-int of type 'float'?
Why are unsigned int's not CLS compliant?
Background timer task in JSP/Servlet web application [duplicate]
Tkinter adding line number to text widget
Naturally sorting Pandas DataFrame
Getting the actual usedrange
NSArray from NSCharacterSet