Added note for usage of existing certificates

Security-Configuration.md

@@ -157,3 +157,9 @@ Java gRPC uses Netty's SslContext. From https://netty.io/wiki/sslcontextbuilder-
 > For example to convert a non-encrypted PKCS1 key to PKCS8 you would use:
 >
 > openssl pkcs8 -topk8 -nocrypt -in pkcs1_key_file -out pkcs8_key.pem
+
+### Existing certificates
+
+If you are using existing certificates: make sure they all have the **Extended Key Usage** 'TLS Web Server Authentication' AND 'TLS Web Client Authentication' set - as grpc uses them for both use-cases!
+
+Else you will see those errors: `error reading server preface: remote error: tls: bad certificate`