ahyou can try to export "old" certs .crt and .key files from System: Trust: Authorities (for CA cert) or System: Trust: Certificates (for server's certs).then do what @bartjsmit advised.what didn't work for CA?did you specify the keyUsage?
sorry, didn't guess that this is a hint of adding a new feature