Why do I encounter errors when generating a CSR for certificate creation?

Nov 26, 2024

When creating a certificate within the directory, the user must ensure that they are using an up-to-date version of OpenSSL to generate the key and the Certificate Signing Request (CSR). The default message digest in OpenSSL is sha256 starting from version 1.1, released in 2016. Versions earlier than this are no longer supported, which could lead to compatibility issues during the certificate creation flow.

If that’s the case, then the user needs to upgrade OpenSSL to a supported version - our recommendation is version 3.0.0 or later. If the version is outdated, update it through your operating system's package manager or by following the OpenSSL documentation.