Control: tags -1 + unreproducible
I loaded up an oldstable bookworm system, and used XCA's internal
templates to create a CA certificate. From that, I was able to use
Debian Bookworm's own OpenSSL version to generate a CSR, which I
imported into XCA without issue. I was then able to use XCA to sign the
CSR and generate a certificate (using SSL server template in XCA again
to make sure proper items are set on teh certificate for extensions),
and then after exporting that certificate, OpenSSL was able to properly
read the certificate without issues.
Your issue is not able to be reproduced in XCA, so we need a lot more
information about your environment, XCA settings, CA cert settings, key
algos, etc. to have a minimum reproducible example.
Thomas
