Hi, Although I did not post the PEM, I think I figured out why I was getting that error. I had the "keyUsage" in the extensions, but I had to set criticality to true on that extension. After that, I can open the cert in the Windows applet. Jim -------------------------------------------- On Sat, 7/2/16, o haya <ohaya at yahoo.com> wrote: Subject: Analyze why getting "The file is invalid for use as the following: Security Certificate" To: openssl-users at openssl.org Cc: ohaya at yahoo.com Date: Saturday, July 2, 2016, 8:56 AM Hi, I have a certificate that I issued using a set of openssl commands and when I use "openssl x509" and "openssl verify" to look at it and verify it, it is ok. Normally, when I take the certificate PEM with an extension of ".crt" or ".cer" in Windows, I can click on the file and the Windows certificate applet will open and I can view the cert. But, on this one cert, I get the popup with the error in the Subject line, and I'm trying to figure out why this is? I wanted to post the PEM to this list so someone might be able to review the cert, but I wanted to ask if that is permissible here?? It would be just the PEM for the cert and it would be just a test cert. Thanks! Jim
