[gnutls-help] certtool not outputting requested key usage

Luis Marsano luis.marsano at gmail.com
Sat Nov 28 20:02:05 CET 2015

certtool isn't allowing me to create certificates with key usages I specify.
Sample shell session

$ certtool --version
certtool 3.3.17
$ certtool --ecc --sec-param high --generate-privkey --outfile key.pem
Generating a 256 bit EC private key...
$ echo 'cn = test
encryption_key' >ss.conf
$ certtool --generate-self-signed --load-privkey key.pem --template ss.conf
Generating a self signed certificate...
                Key Usage (critical):
                        Digital signature.
                Subject Key Identifier (not critical):

I'm not getting the key encipherment I'm asking for.
What am I doing wrong?

More information about the Gnutls-help mailing list