Hello, you didn't state it but would you happen to have configured your FMC for Common Access Card (CAC) login?

This should help if you did.

When working with the FMC you can set it up for CAC login.
There is a check box required to enable it.
If it's enabled you will be locked out of the GUI console.
To fix this you should be familiar with unix/linx VI commands.
Login to FMC CLI through securecrt.
> expert
admin@yvafmc1:~$ sudo su
Password: <enter fmc admin pwd>
cd /etc/httpd
vi ssl_certificates.conf
############################################################
#use the arrow keys to move down to the line "SSL_VerifyClient"
#Type "shift a"
#From the end of the line delete the value there "require" using the "backspace" key.
#Once done enter "optional"
#Now press "ESC" then "shift :" and type "wq!" to save the file
#type "more ssl_certificates.conf" to make sure the change you made is the one you want.
#############################################################

# This is what the file looks like when not working
SSLCertificateFile /etc/ssl/server.crt
SSLCertificateKeyFile /etc/ssl/server.key
SSLCACertificateFile /etc/ssl/ca-cert.pem
SSLCACertificatePath /etc/ssl
<Location />
SSLVerifyClient require (change require to optinonal)
</Location>
SSLOCSPEnable on (delete this line)

# After the change you should see.
SSLCertificateFile /etc/ssl/server.crt
SSLCertificateKeyFile /etc/ssl/server.key
SSLCACertificateFile /etc/ssl/ca-cert.pem
SSLCACertificatePath /etc/ssl
<Location />
SSLVerifyClient optional
</Location>

# Save this based on the directions above

#After saving this change restart the http daemon.
#This should take about 3 minutes
root@yvafmc1:/etc/httpd# pmtool RestartByID httpd
root@yvafmc1:/etc/httpd# /etc/rc.d/init.d/console restart
Stopping Cisco Firepower Management Center for VMWare......ok
Starting Cisco Firepower Management Center for VMWare, please wait......started.