Warning: The retired, out-of-support Internet Explorer 11 desktop application has been permanently disabled through a Microsoft Edge update on certain versions of Windows 10. For more information, see Internet Explorer 11 desktop app retirement FAQ.
Symptoms
When a website requests a client certificate (such as for authentication), Internet Explorer 11 cannot send the certificate if the TLS 1.2 and TLS 1.1 secure protocols are enabled.
Resolution
Update information
To resolve this problem, install the most recent cumulative security update for Internet Explorer. To do this, go to Microsoft Update.
For technical information about the most recent cumulative security update for Internet Explorer, go to the following Microsoft website:
http://www.microsoft.com/technet/security/current.aspxNote This update was first included in security update 2976627.
For more information about security update 2976627, click the following article number to view the article in the Microsoft Knowledge Base:
2976627 MS14-051: Cumulative security update for Internet Explorer: August 12, 2014
More Information
This issue only occurs with servers that downgrade the TLS session in an ungraceful way (such as by sending a TCP reset when receiving a TLS protocol version that the server does not support). If a server downgrades the TLS session in a proper way that indicates the desired version in the respective server handshake, then any client-side certificate that may be required is sent to the server correctly.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
See the terminology that Microsoft uses to describe software updates.