> The last of these indicates that "LHP MX CA V1" lacks the proper > extensions to be an X.509v3 CA for issuing TLS client certificates. The > underlying error from OpenSSL is "X509_V_ERR_INVALID_PURPOSE". > > The CA's extended key usage almost certainly specifies only "serverAuth" > and not also "clientAuth", so it is rejected as a client cert issuer.
Actually, the issuer had neither, nevertheless, it's working perfectly now. Thank you so much. Regards. PS. I learned something new today and adding it my notes.
