Via openssl signed X509 certificate can not be decoded by TX509Certificate.Decode

I have created via TMS Crypto a CSR. Then I signed it via openssl using a root CA and have got a singed certificate.

Then, I try to decode it and getting this error:


Here is the signed certificate: (1.0 KB)

I have "fixed" this issue like this:

On singing via openssl I add a v3_extensions:

openssl x509 -req -in csr.pem -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out signed_cert.crt -days 365 -extfile extensions.cnf -extensions v3_extensions

The content of the file extensions.cnf

basicConstraints = CA:FALSE

Then, I am getting a signed X509 Csr which can be decoded via TX509Certificate.Decode

A question to @Bernard Would it be feasible to add this extension into procedure TX509Certificate.SignCsr?