Method and system for creating a certificate to authenticate a user identity

A method for creating a certificate to authenticate a user identity at a web browser includes receiving a login request including a first user identity for a user and generating a first browser-signed certificate using public and secret keys associating the first user identity to the web browser. The first browser-signed certificate is sent to a first identity provider server and in response a first server-signed certificate is received from the first identity provider server. The first server-signed certificate associates the first user identity to the first identity provider server. A final certificate is generated by merging the first browser-signed certificate with the first server-signed certificate.