Client Certificates
| Browse | Interactions |
|---|---|
| Chrome on Mac, Windows 10 and Android without MDM profiles | Works as expected in regular and private mode |
| Chrome on Android with Personal and Work profiles | Works as expected. Forcepoint ONE SSE will identify the certificate on the work profile and apply the appropriate policies. If a user switches to their personal profile, no certificate will be dedicated and they will be subjected to the appropriate policy (i.e. unmanaged device). |
| Chrome on iOS | Does not work. Certificates stored in the iOS keychain in the Apple Access Group are only accessible by Apple apps, e.g. Safari. Other apps must be coded to import the certificates into their Access Groups (MS Authenticator does this). Apps that are not coded as specified by Apple may not have access to the certificates, e.g. Google Chrome. |
| Edge on Windows 10 | Works as expected in regular and private mode |
| Firefox on Mac and Windows | Firefox does not present system client certificates; relies on those internal to the browser. This means admins must install the certificates into the Firefox browser itself. |
| Safari on iOS and Mac |
Works as expected in regular mode. In private mode, Safari has a known bug where some versions work and others do not:
|