How can I fix the “No certificates found – The app Chrome has requested a certificate” Android / Google Chrome issue

The issue

Some of our website users are encountering an issue when accessing secure areas of our website, on Android devices, in Google Chrome.

It looks like this;

I’ve been able to replicate the issue on the following devices using Browserstack’s physical device testing;

  • Samsung Galaxy S6, Samsung Galaxy S5, Samsung Galaxy S4 (Android v5 and v4.4)
  • Nexus 6 (Android v6, v5 and v4.4)
  • Moto X 2nd Gen (Android v6 and v5)

My research

All the articles, forums and questions that I’ve read online (and there aren’t many, unless I’m searching for the wrong thing) point to server and / or SSL certificate setup and configuration, and that the issue being experienced is by design.

Suggested fix 1

The most useful article I’ve found so far is Issue 268055 “No Certificates Found” on the chromium issue tracker.

Comment 18 suggests changing SSL settings in IIS;

I can fix the issue if you have access to IIS. Basically you need to go to SSL Settings and make sure Require SSL is unchecked and that “Ignore” is selected for Client Certificates.

Comment 28 backs it up;

For the non-Googler case, this error message only occurs when you encounter a site that requests a client certificate. There’s nothing that Chrome can do here – the site has requested a client certificate, and to even know if a client certificate is valid, Chrome for Android has to ask the OS. That’s the prompt you’re seeing – it’s controlled by Android and all apps (Google or otherwise) are required to go through that flow.

This will occur with any site configured to request client certificates, so to resolve this, either don’t request client certificates, or configure your Android devices to have client certificates (e.g. via a device management application or via installing a PKCS#12 file).

kamakshi: This is all “By Design” behaviour, but requires server operators to change, so I’m not sure what to do with this bug.

As does comment 43;

I don’t think people on this bug would know much about configuring IIS. You’d want to talk with Microsoft about that. From searching around, “Ignore Client Certificate” seems to be the option you want.

We’ve done that but it doesn’t seem to have made a difference.

IIS SSL settings

Suggested fix 2

Another question here on Stack (“certificate trusted on pc but not in android“) suggests that an intermediate certificate might be missing;

You might be missing an intermediate certificate in your cert file. If you have already visited another website which has the same certificate seller, the intermediate certificate is remembered in your browser. This might not – or even better – will not be the case with every visitor to your website. To solve a missing intermediate certificate in the SSL connection, you will need to add the intermediate certificate to your own certificate file.

I’ve checked and we have a domain certificate (which isn’t a wildcard certificate), an intermediate certificate and a root certificate, so I don’t think that’s the issue either. I’ve also run a site checker test on the Networking4all website, and an SSL test on the Qualys SSL website and they both path without errors or warnings.

My question

Has anyone else encountered this issue? Are there any other solutions that we can try to fix it? I’m out of ideas at this point so any advice would be hugely appreciated.

Some extra details just in case

The server the website is on is running Windows Server 2008 R2 and IIS 7.5, and our SSL certificate provider is Thawte.

Thanks in advance!

Related Posts:

  1. Divert http to https with WordPress on IIS
  2. Chrome 83 doesn’t connect WP login page after update from http to https on localhost
  3. When you use ‘badidea’ or ‘thisisunsafe’ to bypass a Chrome certificate/HSTS error, does it only apply for the current site? [closed]
  4. This adb server’s $ADB_VENDOR_KEYS is not set
  5. Exception : AAPT2 error: check logs for details
  6. How can I find and run the keytool
  7. Android ADB devices unauthorized
  8. adb is not recognized as internal or external command, operable program or batch file
  9. Getting net::ERR_UNKNOWN_URL_SCHEME while calling telephone number from HTML page in Android
  10. Curl command for https ( SSL )
  11. You need to use a Theme.AppCompat theme (or descendant) with this activity
  12. You need to use a Theme.AppCompat theme (or descendant) with this activity
  13. Still getting warning : Configuration ‘compile’ is obsolete and has been replaced with ‘implementation’
  14. java.lang.NullPointerException: Attempt to invoke virtual method on a null object reference
  15. RecyclerView vs. ListView
  16. How do I remove the title bar from my app?
  17. Android – Adding at least one Activity with an ACTION-VIEW intent-filter after Updating SDK version 23
  18. What does getActivity() mean?
  19. Simple Java HTTPS server
  20. The HTTP request was forbidden with client authentication scheme ‘Anonymous’. The remote server returned an error: (403) Forbidden
  21. How to update Notification with RemoteViews?
  22. How to fix: Error device not found with ADB.exe
  23. How to change background color in android app
  24. How to create a popup window (PopupWindow) in Android
  25. findViewById in Fragment
  26. ImageView in circular through XML
  27. Intel HAXM is required to run this AVD
  28. No Sound coming from Android Emulator [duplicate]
  29. Could not identify launch Activity: Default Activity not found
  30. Android: Difference between Parcelable and Serializable?
  31. PANIC: Cannot find AVD system path. Please define ANDROID_SDK_ROOT (in windows 10)
  32. I am getting this error “your cpu doesn’t support vt-x or svm, android studio 2.1.1 in AMD 6300 processor”
  33. How to make a round button?
  34. Multiple dex files define Landroid/support/v4/accessibilityservice/AccessibilityServiceInfoCompat
  35. How to create listview onItemclicklistener
  36. Android Studio-No Module
  37. Android Device not recognized by adb
  38. The application may be doing too much work on its main thread
  39. setOnClickListener error – cannot resolve symbol
  40. How to convert int to Integer
  41. Why AVD Manager options are not showing in Android Studio
  42. When you use ‘badidea’ or ‘thisisunsafe’ to bypass a Chrome certificate/HSTS error, does it only apply for the current site?
  43. Android Studio 3.0 Execution failed for task: unable to merge dex
  44. What does ellipsize mean in android?
  45. Error checking if Bluetooth is enabled in Android (REQUEST_ENABLE_BT cannot be resolved to a variable)
  46. What is the difference between “px”, “dip”, “dp” and “sp”?
  47. Fragment MyFragment not attached to Activity
  48. onSaveInstanceState () and onRestoreInstanceState ()
  49. Getting android.content.res.Resources$NotFoundException: exception even when the resource is present in android
  50. Unsupported major.minor version 52.0 when rendering in Android Studioandroid android-studio rendering preview
  51. What is Sandboxed_process0 and why do i have so many instances of it listed in the memory usage for my app
  52. Android Facebook integration with invalid key hash
  53. Android dismiss keyboard
  54. How to decompile an android app from the google play store
  55. How do I center text horizontally and vertically in a TextView?
  56. How do I get the currently displayed fragment?
  57. Call to getLayoutInflater() in places not in activity
  58. How to add a jar in External Libraries in Android Studio?
  59. Adb backup does not work
  60. Android: How can I Convert String to Date?
  61. What is the difference between gravity and layout_gravity in Android?
  62. Your content must have a ListView whose id attribute is ‘android.R.id.list’
  63. Remove Project from Android Studio
  64. the item you requested is not available for purchase
  65. Service vs IntentService in the Android platform
  66. Closing Application with Exit button
  67. USB Debugging option greyed out
  68. Android: No Activity found to handle Intent error? How it will resolve
  69. Cannot resolve symbol ‘AppCompatActivity’
  70. Android Drawing Separator/Divider Line in Layout?
  71. Android Studio – Emulator – eglSurfaceAttrib not implemented
  72. XML has empty body?
  73. “Gradle Version 2.10 is required.” Error
  74. How to Resize a Bitmap in Android?
  75. What to use instead of “addPreferencesFromResource” in a PreferenceActivity?
  76. How to code using android studio to send an email
  77. HAX kernel module is not installed
  78. Cannot resolve symbol AppCompatActivity – Support v7 libraries aren’t recognized?
  79. SSL breaks customizer: page isn’t returned from ajax
  80. Local version of a WordPress site – SSL/HTTPS enforced?
  81. WordPress is Inserting images into Post as HTTP and not HTTPS
  82. Serve HTTPS requests from subdomain
  83. WordPress Move to SSL How to Update Media Assets to HTTPS?
  84. Add New Sub Site from the WordPress back end then in sub site options table option_value must be with https
  85. Make default new sites https (multisite)
  86. Locked out of WordPress Site Admin after enabling Force SSL on WordPress Https (SSL)
  87. SSL: How to make customizer images Protocol Relative in WordPress?
  88. https multiple redirects
  89. How to properly force https and www on multisite with Apache HTAccess
  90. AJAX requests broken due to HTTPS for wp-admin
  91. Allow non-SSL pages to use https or Force non-SSL pages to http?
  92. How to get Caching Plug-ins to work on localhost with HTTPS?
  93. ERR_TOO_MANY_REDIRECTS on wordpress page [closed]
  94. WordPress post to android
  95. Core update of 4.2.3 changes all link to https [duplicate]
  96. Access wordpress pages using a self signed shared ssl
  97. SSL/HTTPS Redirect Loop
  98. The plain HTTP request was sent to HTTPS port in wordpress [closed]
  99. ‘Too many redirects’ error after changing site URL in WordPress [closed]
  100. Is it bad to redirect http to https?

Leave a Comment