The point of posting PEM is that people can cut and paste from a mail message
and decode it to get the DER or whatever. (That's why PEM format was invented,
to survive intact through email:)
You are generating a certificate, self-signing it, and your recipient cannot
verify it. Right?
Please post the PEM and maybe someone will find something wrong with the way
you have used openssl's tools. If not that type of user error, then it is most
likely an error or limitation of the recipient software. Openssl doesn't get
these types of things wrong nowadays.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
