Following searches on this discussion forum I have seen this problem with slightly different symptoms:
- My description of the symptoms covers when logged on as the computer's true administrator.
- If signed on as a user with administrator permissions, the problem shows an empty "Select Certificates" box.
- If signed on as a limited user then the browser simply responds with Safari can’t open the page “https://<<site>>/” because the server where this page is located isn’t responding. (no "Select Certificates" box appears). Where <<site>> is the site's URL.
Consequently my guess is that the Safari process is failing to use the correct permissions to access the Windows certificate repository.
I hope this is useful to some Apple Safari developer who needs to fix this bug PDQ... after all Safari for Windows exists to allow developers to take Safari into account when creating web sites and that is pretty well screwed if simple testing under SSL is not an option.
Further.. further information:
The Windows Certificates console may be run for the currrent user, a specific service or for the local computer.
It is my understanding that certificates should be installed for the local computer, however, the problems of the certificate being missing from Safari's displayed "Select Certificate" box (described above for any form of administrator account) can be solved by opening the Certificates console "for current user" and adding the certificate to the Personal certificates (even if it is already in the Personal certificates for the local computer).
This at least takes the problem one stage further. Unfortunately, after adding the correct certificate and selecting in, the browser responds with a "403.16 - Forbidden" error (Your client certificate is either not trusted or is invalid.).
Correction: Once the Personal certificate is added to the Certificate console for the current user, the true administrator account gives the 403.16 response but I was wrong about a standard administrator account which actually gives the same response as a limited user, i.e. Safari can’t open the page “ https://<<site>>/” because the server where this page is located isn’t responding.
The logged error event when trying to access the site through Safari logged on as the true administrator user is:
- Log Name: System Source: Schannel Event ID: 36870 Task Category: None Level: Error Keywords: Classic Description: A fatal error occurred when attempting to access the SSL client credential private key. The error code returned from the cryptographic module is 0x8009030d.
When accessing the site through Safari when logged on as a standard administrator user or limited users, the logged error event is:
- Log Name: Application Source: Microsoft-Windows-CAPI2 Event ID: 11 Task Category: None Level: Error Keywords: Classic Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/au throotstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
I hope this is useful information.