Hi All, I have been trying for some time now to generate a smime certificate that works in Kmail. Unfortunately, when I import it it shows some kind of error with certain extensions: ============================================= keyType: 4096 bit RSA subjKeyId: [?] authKeyId: [?] keyUsage: [error: No value] extKeyUsage: [none] policies: [none] chainLength: [error: No value] crlDP: [error] authInfo: [error] subjInfo: [error] ============================================= As a result of the above I cannot set it to be used with the respective email account in Kmail (I suspect that this is because of the keyUsage error).
gpgsm -k shows: key usage: [error: No value] chain length: [error: No value] When I look at the certificate that I used to generate the pkcs12 bundle, I see this: ============================================= No Trusted Uses. No Rejected Uses. Certificate purposes: SSL client : Yes SSL client CA : No SSL server : Yes SSL server CA : No Netscape SSL server : Yes Netscape SSL server CA : No S/MIME signing : Yes S/MIME signing CA : No S/MIME encryption : Yes S/MIME encryption CA : No CRL signing : Yes CRL signing CA : No Any Purpose : Yes Any Purpose CA : Yes OCSP helper : Yes OCSP helper CA : No ============================================= Is keyUsage and -purpose two different things? Firefox does not seem to have a problem with this pkcs12 file and it recognises all the 'use' flags. I am at a loss as to why this happens. Can you please suggest ways for troubleshooting it? -- Regards, Mick
pgpHhANzYl8Ca.pgp
Description: PGP signature