Select a certificate to authenticate yourself – quick fixes

Google Chrome is a web browser that was developed by Google and first made available in the year 2008. People from all over the world make use of it since it has rapidly become one of the most popular browsers in the whole planet. It is recognized for both its speed and its ease of use, in addition to its extensive collection of functions.  

Tabbed browsing is available in Google Chrome, which enables users to swiftly navigate between a number of different websites. Additionally, it has voice search, translation, and an anonymous browsing mode, in addition to an integrated search bar. In addition, Google Chrome is continually updated with new capabilities, making it one of the online browsers that is both one of the most secure and one of the most up-to-date options available. 

Sometimes, Chrome users may receive a pop-up asking to “Select a certificate to authenticate yourself”. This is a common error which appears when the user access a site that use HTTPS two-way authentication method. 

In this article, we are going to clarify a bit about HTTPS mutual authentication and how you can fix the error. 

What is HTTPS mutual authentication?

During the HTTPS handshake, servers send a CertificateRequest message to the client to ask for mutual authentication. This message includes a criteria filter that the browser will use to find a client certificate that meets the server’s request. 

If the browser finds more than one certificate that matches the server-supplied filtering criteria, it will ask the user to choose one. These certificates must be valid and have the Client Authentication purpose set and a private key available. This doesn’t happen all that often (at least for me). 

The browser’s following Certificate response will send the server the certificate that was chosen. 

If the user clicks OK in the pop up, it results in the page not loading. If the user selects cancel, they are telling the site to not use the certificate as a method of authentication. 

Fix “Select a certificate to authenticate yourself” on IIS server 

This fix can only be applied on the server side, running IIS server. 

To begin, launch IIS and then access your site’s or app’s SSL settings.IIS Settings > SSL Settings”> </p>



<p>Then set the Client Certificate setting to “Ignore” </p>



<figure class=

Both ‘Accept’ and ‘Require’ will both challenge for a client side cert 

Finally, recycle your app pool and re-launch your browser to test 

Note: You may need to apply these SSL Settings on numerous levels since they are inherited from your Site > Application. 

Fix “Select a certificate to authenticate yourself” on Spring Boot/Tomcat 

server.ssl.client-auth is the default configuration parameter for client-certificate authentication (mutual authentication) in Spring Boot application. 

By default, server.ssl.client-auth is not set, and it essentially setting the parameters as Tomcat’s default value of false. 

When you set this option to server.ssl.client-auth=want or server.ssl.client-auth=need, you’re telling the server that you want to enable client authentication; if the server.ssl.client-auth property is not defined, users will not receive the “Select a certificate to authenticate yourself” pop-up. 

In order to fix “Select a certificate to authenticate yourself” pop-up on the client side, simply open (or create) your application.properties resource file and comment out the “server.ssl.client-auth” line. 

If you need an in-depth guide on Mutual authentication (server & client SSL/HTTPS) with Spring Boot + Tomcat, check out this blog post

We hope that the information above is useful and helped you successfully fix the “Select a certificate to authenticate yourself” pop-up. 

We’ve also written a few other guides which you may also be interested in, such as How to fix cURL “Invalid certificate chain” error, SSLCACertificateFile in Apache httpd and Fix “failed to verify the legitimacy of the server” error in cURL

If you have any questions, then please feel free to ask in the comments below. 

Leave a Comment