Hi,
I have created separate digital signing and encryption certificates for the purpose of secure E-mail, signed by a self-signed CA. In openssl.cnf the section usr_cert is as follows: [ usr_cert ] # These extensions are added when 'ca' signs a request. basicConstraints=CA:FALSE nsCertType = email keyUsage = digitalSignature subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer:always My problem is: -------------- I am able to send digitally signed mails with Netscape Communicator and the recipient's mail client (Netscape/ OE) cannot send an encrypted mail using the received digital ID, which is what I want. IN OE however, before sending a digitally signed message, OE complains that I do not have a digital ID. But then it is able to send a digitally signed message. Can anybody point what the problem may be. Is there a way to eliminate this warning? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]