Hi
> > From a certificate issuer point of view, I'd like to see the
> > ca-fix program.
> The ca-fix program is not needed with OpenSSL 0.9.5 anymore, as it was
> intended to fix some x509v3 extensions, but these can now be added
> with the ca, x509, etc. commands.
Sadly AFAIK it can't fix my pre-OpenSSL keys.
And if OpenSSL does this there _may_ be a bug. In openssl.cnf I've set
keyUsage to email signing and encrypting, and client authorization only but
that's not what MSIE tells me. Anyone else tried this?
Luke
