So, you want to run Chrome (or Chromium), but you're annoyed by the lack of client certificate authentication on Linux. Turns out, this is relatively easy to solve, there's just no UI for it as of yet. (As of 11/13/2009.) (Note: I'm doing this running the daily build from the chromium-daily ppa on Launchpad - if you're running Debian or Ubuntu, you can add "deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu karmic main" to your /etc/apt/sources.list if you want to run this. It may work on the official Google build as well, I'm not sure.)

You want to use the instructions at Google's page on LinuxCertManagement to install the MIT CA. You may also want the CSAIL CA (specifically, the Master CA). If you're running Debian or Ubuntu, the short version of that LinuxCertManagement page is to install libnss3-tools, then run "certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n -i " for both the MIT CA and (if you want it) the CSAIL CA.

The easiest way to install a client cert in the nss database is simply to install it on Firefox; at that point, it should be in the list of certificates you get when you run "certutil -d sql:$HOME/.pki/nssdb -L". If not, go back to the LinuxCertManagement page and do it manually.

Here's the last key to the puzzle: by default, Chrome on Linux runs without SSL client cert auth. So run it with the --auto-ssl-client-auth flag. You'll probably want to edit both Preferred Applications and the Main Menu entry to reflect this, so links you click on outside of Chrome open this way. (Gnome Do and similar pull their data from Main Menu, among other places.) Once you've done this, you can check your work with this demo page. If everything is working, it should welcome you by name, and tell you that a certificate for your username is installed.