After setting up secure UI communication following the documented procedure from the
Release automation documentation Secure Communications using a CA signed certificate
instead off a selfsigned certificate ASAP fails to start with the following error
"Extended key usage does not permit use for code signing" .
You get this error "Extended key usage does not permit use for code signing" because you signed the
custom-truststore.jar in step 6 with a certificate which is not enabled for code signing .
You need to request a certificate from your certificate authority which is enabled for code signing and server identification.
In some cases the CA does not issue any certificate's which are enabled for code signing and server identification in one certificate.
In that scenario you need to request a seperate certificate for code signing and use this one to sign the custom-truststore.jar in step 6.