In article <[EMAIL PROTECTED]> you wrote:
> I would like to ask whether/how is it possible to create certificates
> that could be used both as https client certificates and S/MIME keys in
> Netscape. I'm using SSLeay 0.8.[01], and I have no problem in setting up
> a CA and generating user certificates to use as client keys. However,
> Netscape claims that these keys are `not certified for E-mail'. Fiddling
> with RSA key length nor key types dosn't seem to help.
You should set nsCertType to a proper value (bit-mapped), as described
on Netscape pages. This is excerpt from my ssleay.cnf file:
[ x509v3_extensions ]
# SSL client + server + S/MIME
nsCertType = 0xe0
--
Pawel Krawczyk, CETI internet, Krakow. http://www.ceti.com.pl/
info: [EMAIL PROTECTED] Home: http://ceti.com.pl/~kravietz/
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
