I am signing a digitally signed PDF document and I am looking for a way to add a link keyUsage() I found this article and modified my openssl.cnf accordingly.

req_extensions = v3_req
[v3_req]
basicConstraints = CA: TRUE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment

I use the following code to sign digital signs myself:

openssl genrsa -des3 -passout pass: 1234 -out aaa.private.pem -extensions v3_req

openssl req -passout pass: 1234 -subj "/ C = IL / ST = - / L = / O = / CN = AB" -utf8 -key aaa.private.pem -passin pass: 1234 -new> aaa.cert. csr -extensions v3_req

openssl rsa -in aaa.private.pem -passin pass: 1234 -out aaa.key

openssl x509 -req -days 3650 -in aaa.cert.csr -out aaa.cert -signkey aaa.key -CA myCA.ca.cert -CAkey myCA.ca.key -CAcreateserial -extensions v3_req

openssl pkcs12 -passout pass: pkcs12511260945 -export -in aaa.cert -out aaa.cert.p12 -inkey aaa.key

openssl pkcs12 -in aaa.cert.p12 -out aaa.cert.crt-password pass: 1234 -nodes

So far, the output of the following command:

openssl req -text -noout -in aaa.cert.csr : :
    :
        : 0 (0x0)
        Subject: C = IL, ST = -, O = 45, CN = AN
         :
             : rsaEncryption
                 : (2048 )
                Modulus:
                    00: E8: 0c: 71: FB: 3: 76: 40: 4: 1c: 5b: 45: 5e: 4d: b8:
...
                    60: FF: 4: 52: 4e: 88: Fe: 82: 2d: 76: 60: d2: 68: 73: D9:
                : 65537 (0x10001)
        :
         :
            X509v3 :
                CA: TRUE,
            X509v3 :
                 , , ,
     : sha1WithRSAEncryption
         79: a3: : 48: 9a: : 02: 3b: 31: 06: 9: f8: 57: b6: 1c: 10: e4: c2:
      ...
         15: 4d: 4f: 31: 72: b8: 9f: 7a: d1: 94: 9b: 05: 8: B9: : f4: 7f: 33:

aaa.cert.p12 PDF , , Acrobat , "keyUsage - not defined"

, ...