Your code is running
on the server. You are displaying a prompt
on the server, where nobody will ever see it, to select a certificate from
the server's local certificate store.
It might
appear to work when you debug it in IIS Express. But that's only because, in that specific case, the server and client are the same machine.
When you deploy to IIS, in the best case scenario your code will fail with an exception telling you that you cannot display UI from a non-interactive session. In the worst case, the UI will pop up on the server, and your code will hang waiting for an administrator to log in to your server and acknowledge the hundreds of "select a cert" requests you've flooded the system with.
You can configure your site to
use client certificate authentication[
^]. But you cannot run C# code on the client, and you cannot access the user's certificate store from Javascript.