Excellent document, although the below appears to be incorrect. "Extended Key Usages: select as minimum Server Auth and Client Auth." I configured my CA / Issuer with just Client Auth EKU - not Server auth, and it worked. So AFAIK, for better security, Server Auth should only be enabled if required for something else.
... View more
