Ok, finally figured it out. The problem was with the “keyUsage” options that were used while generating the certificate. Specifically, it was the basicConstraints=CA:FALSE option. Once again, the order of the key and certificate is not relevant in the PEM file and it is not required to include the certificate chain.
Didn’t find anything in the documentation that mentions anything about this and the error log was not very meaningful in this case. But other than that, it’s working great now, this is a nice piece of open source software.