I have a site on my Apache server that I have secured with certificate authentication. The client certificates are signed by the CA I created with OpenSSL and the HTTPS SSL certificate is from StartSSL.

If I open the site in Firefox, confirm the client certificate at the prompt it works beautifully! But if I do the same in IE or Chrome, I get a generic unhelpful message in IE, and Chrome reports "ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED".

I've done some googling to no avail. All the responses seem to be limited to old browsers/OS that do not support TLS1.2. I can see from Firefox that the connection is working nicely with TLS1.2 so I am stumped as to why it's not working in the other browsers. If I turn the auth off in Apache the site loads on all browsers fine and passes with an A rating on SSLLabs.com

There is nothing in my apache error log, so it seems to be a client side error.

Anyone come across this before or have any ideas?