Most IT people know about the need to use SHA-2 Hash Algorithm when creating new CSRs for SSL certificates. But many of the Windows servers out there do not default to this hash and will generate a CSR based on SHA-1.
Here is a great articale onhow to generate the proper CSR using Windows Certificates MMC snapin.
How to create SHA2 CSR on windows server
http://day.ir/en-us/articles/ssl/create-csr-sha2-algorithm
landie.tech 