When accessing the SMP Console and the Software Portal you are getting a prompt to "Select a Certificate" as seen here:
If the prompt is canceled or if one of the options is selected the normal NTLM logon prompt appears. This happens each time you start a new session to open the SMP Console or to open the Software Portal. It lists whatever “client authentication” certificates are present on the machine, in the current user’s Personal > Certificates folder.
This has been seen to happen with Firefox, Chrome, IE, etc., and for all users.
ITMS 8.x
In one case (Option 1), Negotiate Client Certificate is Enabled when viewed in netsh.
In another case (Option 2) there seemed to be some type of corruption with the binding in IIS.
Option 1:
Run “netsh http show sslcert” on the NS produced:
IP:port : 0.0.0.0:443
Negotiate Client Certificate : Enabled
IP:port : 0.0.0.0:4726
Negotiate Client Certificate : Enabled
If the above shows as Enabled, then run these commands to remove the bindings in IIS:
netsh http delete sslcert ipport=0.0.0.0:443
netsh http delete sslcert ipport=0.0.0.0:4726
Go into IIS Manager and manually re-bind 443 and 4726 to * (any IP) with the appropriate Certificate.
Then run “netsh http show sslcert” again and validate that Negotiate Client Certificate is now Disabled as seen here:
IP:port : 0.0.0.0:443
Negotiate Client Certificate : Disabled
IP:port : 0.0.0.0:4726
Negotiate Client Certificate : Disabled
Option 2:
Go into IIS Manager and remove the binding for port 443 on the Console and Software Portal pages and then manually re-bind the binding to port 443 (any IP) with the appropriate Certificate; and these are found in IIS Manager under:
Additional details may be found in the following articles: