If the host which is used to sign the certificate is having a timestamp which is lesser than GMT, the certificate can be used only after some time. The reason is openssl uses current time and add timezone as GMT.
How to make openssl non interactive while signing a certificate.
Use -batch option
openssl ca -batch -config "$CONF" -out "$BOXCERT" -infiles "$CSRFILE"
Website where you can find the OpenSSL key encryption and encryption name mapping to cipher suite.