If you use x.509 certificates to authenticate web users to Domino databases, do they have to
actually have their certificate file with them or can they access resources from any browser?
If you are talking about client-side authentication (verifying the identity of the user to the server), then the client must have the certificate with them. In other words, the client certificate must be installed in the browser that the user is actually using.
This was first published in June 2001