I'm having trouble determining why Firefox is not applying client certificate authentification in a particular situation.
I have a self-signed client certificate issued for a specific site (nginx mutual TLS) that works when accessing the site using Chrome and when testing with curl, and the same certificate in .p12 format is imported in Firefox Certificate Manager / Your Certificates; however, Firefox simply gets refused authentification by the site as it does not send the certificate, does not prompt for anything, does not show any errors and does not show any log or comments about the process, at least not where I could find - for example, the Firefox Network tab Security section shows information about the LetsEncrypt server certificate, but nothing about the client certificate request.
Is there some reasonable way to debug the client certificate authentification process in Firefox to review what is happening during the TLS handshake and analyse the problem? The preferences section in Firefox does not seem to have any relevant options other than the certificate manager.