I'm playing around with client certificates with a .net ordering portal I am developing and am noticing some very strange behaviour. The certificates are self-signed but appear to be valid so I believe the way I have set them up is correct.

When I first browse to the page the site accepts the client certificate and displays the details on a diagnostic page I created. Then if I browse to another page on the site via a link e.g. Test1.aspx --> Test2.aspx the certificate details disappear!!

I then played around with things a bit and removed a lot of the other elements in the page such as master page so that the page was very basic. This seemed to maintain the certificate when clicking the links back and forth. So I thought it may have to do with the maxRequestLength under SSL but couldn't find anything that supported this.

However when leaving the page for say 2 or 3 minutes then clicking the link again I get a "Page Cannot Be Displayed" ie7 error.

I thought it may be permission of the ASPNET user so I used WinHttpCertCfg but seems to have had no effect. I thought this was probably not the issue though because the cert was being recognised initially.

Does anyone know of client certificates have persistence issues?