User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0 (Beta/Release) Build ID: 20131205075310 Steps to reproduce: Import a certificate and private key into OS X's Keychain. In my case, I have a Startcom (https://www.startcom.org/) user certificate and private key already installed. The user certificate and private key were installed 6 months or 1 year prior to installing Firefox. Ensure Firefox has access to the certificate and private key. To do so, select "Keychain Access", select the Certificate and then "Get Info". Then, on the Access tab, ensure the Firefox binary is listed. I visited a secure area (https://www.startssl.com/?app=12), and clicked on the upper left button "Authenticate". ********** Actual results: Firefox could not establish a secure channel. The reasons given were: ---------- Secure Connection Failed An error occurred during a connection to auth.startssl.com. SSL peer was unable to negotiate an acceptable set of security parameters. (Error code: ssl_error_handshake_failure_alert) ---------- A Wireshark trace shows Firefox never sends the certificate for the site. Firefox sends the Certificate message as expected after the server sends the Server Done message, but the client's Certificate message has 0 certificates. A screen capture of the relevant Wireshark frame is available on SuperUser.com (see below under "Additional Information"). ********** Expected results: Firefox should have sent the certificate for the site. ********** Additional Information: Additional info: screen captures of the issue can be found at: https://superuser.com/questions/706040/firefox-secure-connection-failed-and-client-certificate. In the past, this worked fine with Safari. Unfortunately, Safari is broken for me at the moment. I was able to verify the certificate and private key with both Peter Guttman's `dumpasn1` and OpenSSL's `x509` utility. I'm fairly certain the certificate and private key are well formed. I searched Preferences -> Security and Preferences -> Advanced, and I could not find anywhere to enable/disable Keychain access. So I don't believe I've inadvertently disabled something. (But it could well be a case of me being too dumb to operate Firefox properly). Mac OS X 10.8.5 (x64). Fully updated. $ uname -a Darwin riemann.home.pvt 12.5.0 Darwin Kernel Version 12.5.0: Sun Sep 29 13:33:47 PDT 2013; root:xnu-2050.48.12~1/RELEASE_X86_64 x86_64 Firefox 26.0. Fully updated. ********** Possible Related Bugs: "SSL client certificate not sent", https://bugzilla.mozilla.org/show_bug.cgi?id=891550. In the 550 bug, I don't use the programs discussed, such as ChatZilla. So I can't determine anything from the report. "SSL Client Certificate Fails with Firefox on Mac OS X", https://bugzilla.mozilla.org/show_bug.cgi?id=801110. The 110 bug may be related since they both talk of a Start SSL certificate. But I'm getting a different error code and message. "Nightly wants to use your confidential information stored in "lpsafari" in your keychain", https://bugzilla.mozilla.org/show_bug.cgi?id=753331. I can't tell what to make of the 331 bug. I don't use LastPass, so its probably a moot point.

Yes, we don't support doing this yet. I would like to though.