I think the extension u have to use is
keyUsage = digitalSignature,nonRepudiation
Maybe this should work.
And tell me did u generate seperate digital
signing and encryption for the same dn i.e
for same information like C,L,CN,O,OU.
If u did it for same input, please let me know how to do it.
Hi,
I have created separate digital signing and encryption
certificates for the purpose of secure E-mail, signed
by a self-signed CA.
In openssl.cnf the section usr_cert is as follows:
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
basicConstraints=CA:FALSE
nsCertType
