Thank you Michael, Patrick, Eckard!

Problem solved, case closed. ;-)

Apparently, the problem lies in the CA.sh (and CA.pl) script that ships b=
y
default with open-ssl, at least on Slackware, and which generated the
faulty certificates.

Yeak Nai Siew's scripts worked like charm!

Thanks again!
BBR

> Patrick Patterson schrieb:
>> If you re-gen your CA Certificate with those usages, and then re-sign
>> your
>> Server certificate (which itself, should have the Key Usage extension
>> set to
>> digital Signature and key Encipherment), your issue should go away

>
> There is also nice bundle of scripts from Yeak Nai Siew which
> simplifies these steps a lot; especially for quick setups a nice
> speedup: see http://www.openssl.org/contrib/ssl.ca-0.1.tar.gz



__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org