I have a problem with a standalone sub CA.
Certificate must be able to sign Outlook mails, encrypt them and sign Word documents, so in certqtp.inc I've changed rgAvailReqTypes parametr for my certificate:
rgAvailReqTypes(0,FIELD_OID)="1.3.6.1.4.1.311.10.3.12, 1.3.6.1.5.5.7.3.4, 1.3.6.1.5.5.7.3.2, 1.3.6.1.4.1.311.10.3.4"
After that key usage field of enrolled certificates have changed to "data ecnryption (20)", but I don't know why. So with this key usage I can sign documents, can ecnrypt mails, but can't sign them (key usage must contain digital signature).
How to change key usage field in standalone CA ??