Single Sign On with client certificates

In a previous post, I detailed a trick to get complicated webapps working with client certificates. The problem this solves is that some combination of web sockets, service workers (and perhaps some demonic magic) don’t play nicely with client certificates.  Under some circumstances, the client certificate is just not sent. The basic idea behind the […]