@vladimir-mencl: what you are seeing is actually this bug: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1834671
Basically, with TLSv1.3 you need a client that supports post-handshake authentication. Some clients, such as Firefox for example, support it but it needs to be enabled, as it's disabled by default, see security.tls.enable_post_handshake_auth in about:config. The best course of action if you don't control the clients connecting to your web server is probably to disable TLSv1.3. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1865900 Title: apache 2.4.29-1ubuntu4.12 authentication with client certificate broken To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/1865900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs