Chrome returns with ERR_NOT_IMPLEMENTED

1

I have an HTTPS server which requires mTLS (client certificate authentication). When I try to access the server using Chrome (Version 75.0.3770.100 (Official Build) (64-bit)) on Windows 10, it asks me to select the client certificate (which I do). Afterward, Chrome returns with ERR_NOT_IMPLEMENTED.

Additional information:

  • I can access the server using the same URL from IE11, Edge and Firefox
  • Trust in the server certificate's CA cert is established (imported the CA into the Trusted Root Certificate Authorities store). The connection is marked as secure in IE.
  • Captured the Chrome network log. I could find the issues here:
t=3200 [st=10]      SSL_HANDSHAKE_MESSAGE_RECEIVED
                    --> bytes =
                      0E 00 00 00                                        .   
                    --> type = 14
t=3200 [st=10]      SSL_CLIENT_CERT_REQUESTED
t=3201 [st=11]      SSL_HANDSHAKE_ERROR
                    --> error_lib = 16
                    --> error_reason = 228
                    --> file = "../../third_party/boringssl/src/ssl/ssl_cert.cc"
                    --> line = 242
                    --> net_error = -11 (ERR_NOT_IMPLEMENTED)
                    --> ssl_error = 1
t=3201 [st=11]   -SSL_CONNECT
                  --> net_error = -11 (ERR_NOT_IMPLEMENTED)
t=3201 [st=11]    SOCKET_CLOSED

I looked at the source code of ssl_cert.cc:242 of BoringSSL at https://github.com/google/boringssl/blob/d6f9c359d219055a89c676cb8886421b145a08da/ssl/ssl_cert.cc#L242.

The relevant code here seems to be:

bool ssl_is_key_type_supported(int key_type) {
  return key_type == EVP_PKEY_RSA || key_type == EVP_PKEY_EC ||
         key_type == EVP_PKEY_ED25519;
}

Or in other words, if it is an RSA certificate, the function should return true and should not lead to the above-described error.

Any idea what is wrong here?

Thanks.

Chrisse

Posted 2019-07-03T09:33:42.293

Reputation: 11

No answers
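
A small triage helper for the text net-log excerpt quoted in the question, as an added example that is not part of the original post and is not Chrome or BoringSSL code. It parses events and their `-->` parameters, decodes the TLS handshake header from the hex dump (type 14 with length 0 is a ServerHelloDone), and reports which event preceded each SSL_HANDSHAKE_ERROR and which source line raised it. The function names and regexes are assumptions fitted to the excerpt's layout.

```python
import re

# Constructed sample: the net-log excerpt quoted in the question, trimmed.
NETLOG = """\
t=3200 [st=10]      SSL_HANDSHAKE_MESSAGE_RECEIVED
                    --> bytes =
                      0E 00 00 00                                        .
                    --> type = 14
t=3200 [st=10]      SSL_CLIENT_CERT_REQUESTED
t=3201 [st=11]      SSL_HANDSHAKE_ERROR
                    --> error_lib = 16
                    --> error_reason = 228
                    --> file = "../../third_party/boringssl/src/ssl/ssl_cert.cc"
                    --> line = 242
                    --> net_error = -11 (ERR_NOT_IMPLEMENTED)
t=3201 [st=11]   -SSL_CONNECT
                  --> net_error = -11 (ERR_NOT_IMPLEMENTED)
"""

EVENT = re.compile(r"^t=\s*(\d+)\s+\[st=\s*(\d+)\]\s+([+-]?)(\w+)")
PARAM = re.compile(r"^\s*-->\s*(\w+)\s*=\s*(.*)$")
HEXROW = re.compile(r"^\s*((?:[0-9A-F]{2} )+)")

def parse_events(text):
    """Return a list of {'t', 'name', 'params'} dicts in log order."""
    events, key = [], None
    for line in text.splitlines():
        if m := EVENT.match(line):
            events.append({"t": int(m[1]), "name": m[4], "params": {}})
            key = None
        elif events and (m := PARAM.match(line)):
            key = m[1]
            events[-1]["params"][key] = m[2].strip().strip('"')
        elif events and key == "bytes" and (m := HEXROW.match(line)):
            events[-1]["params"]["bytes"] += m[1].replace(" ", "")  # hex-dump row
    return events

def handshake_header(hex_bytes):
    """TLS handshake header: 1-byte msg_type, then 3-byte big-endian length."""
    raw = bytes.fromhex(hex_bytes)
    return raw[0], int.from_bytes(raw[1:4], "big")

def triage(text):
    """Per SSL_HANDSHAKE_ERROR: (preceding event, source file:line, net_error)."""
    ev = parse_events(text)
    return [(ev[i - 1]["name"] if i else None,
             e["params"].get("file", "?").rsplit("/", 1)[-1] + ":" + e["params"].get("line", "?"),
             e["params"].get("net_error"))
            for i, e in enumerate(ev) if e["name"] == "SSL_HANDSHAKE_ERROR"]
```

On the excerpt, `triage(NETLOG)` ties the failure to the step immediately after `SSL_CLIENT_CERT_REQUESTED`, which narrows the investigation to the selected client certificate and its key rather than the server certificate chain.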