Hello, Some mail systems (eg Lotus Notes) requires proper extensions in certificates. Certificates without this extensions are not treated as candidates for signing/encryption. With default configuration OpenSSL certificates are created without extensions for signing and encryption. To change this remove comment from line: keyUsage = nonRepudiation, digitalSignature, keyEncipherment from proper section of openssl.cnf file and generate new certificate and check if this works.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]