Is there a way to force OA / BA stop generating CSRs (certificate signing request ) with SHA-1 hash algorithm and use more secure ones, e.g. SHA-2?
Currently there is no such option implemented.
Internal request #PBA-59194 has been filed to address the matter.
As a workaround SHA-2 based CSRs can be generated manually using openssl tool or any other tools that can generate CSR.