This is an excellent tutorial. I'm rather new to ssl, but followed this slowly and meticulously, and everything worked - learning a great deal on the way.
I do have a question however. I've created a client key as per the instructions, and have been trying to import this into my OSX key chain. I've converted the key, certificate and chain file to p12 as follows:
openssl pkcs12 -export -out client.p12 -inkey client.key.pem -in client.cert.pem -chain -CAfile ca-chain.cert.pem
The p12 imports fine into OSX keychain, but my server isn't accepting the certificate. I've verified the client certificate and everything appears fine. Am I doing something wrong when converting to p12?
My ssl config is set to: