Fixing ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED on macOS

After reinstalling Mac OS Sierra, I found that Chrome could no longer use my HTTPS client certificates. Instead, after choosing my certificate from Chrome’s pop-up certificate picking menu, I just got a fatal “ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED” error. The HTTPS client certificates worked fine in Safari, so it seemed to be a Chrome-specific problem.

I was able to fix this by opening the Keychain Access program, right-clicking my HTTPS private key and selecting Get Info, then on the Access Control tab I changed it from “allow all applications to use this item” to “confirm before allowing access”. The next time I tried to view the website in Chrome, Mac OS popped up to confirm that I wanted to allow it to use the key, and it worked perfectly after clicking Allow! I guess the Keychain’s application permissions got messed up at some point, and this reset it.

3 thoughts on “Fixing ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED on macOS”

    1. Are you trying to authenticate using an HTTPS client cert, and does it work in Safari? If not, this tip won’t help you.

      Client certs normally appear in login->My Certificates, and are normally named using your name/email/username, depending on the organisation that issued you the certificate.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.