On 11/15/06, azathoth <jebarker / gmail.com> wrote:
> If Firefox can successfully authenticate with the certificate but Ruby
> cannot, surely not having a private key in the certificate makes no
> difference.

That's not quite how it works.  The certificate contains the public
key, the private key is separate, and both are required for client
authentication.  When you export a certificate from firefox it exports
a PKCS12 envelope that contains both the certificate and the private
key.

Chris