At least one problem I can see with your EC certificate is wrong Key Usage. For
EC it should be "Key Agreement".
I'd not use the same cert for signing and encrypting. If you do, then add
Signature and Non-Repudiation (but I've never done that).
--
Regards,
Uri
There are two ways to design a sy
Hello
I recently decided to change from RSA to EC keys/certs.
I do this primarily as a learning exercise (there is no real corporate or
professional demand to have this working).
I am running OpenBSD current (6.9) from about 1 month ago.
Previously, I have been using "openssl smime" to sign and
