Browser is not prompting for a client certificate

Question

Background:

I am updating an internal application to a two-step authentication process. I want to add a client certificate authentication process

Answer 1

Your problem is that the browser doesn't either get the request to provide client certificate or there is a security related option to block it from happening. IE offers certificate only if the web site is in correct zone (intranet or trusted sites). Please check this before everything.

If that doesn't help then see this answer for next step. The netsh documentation says:

clientcertnegotiation
Optional. Specifies whether the negotiation of certificate is enabled or disabled. Default is disabled.

Enable that and even the dumbest browser should notice that it is supposed to offer certificate for authentication. To diagnose your problem further you can use WireShark to see the negotiation in action.