You need to generate a certificate signing request for a Certificate Authority signed certificate and have specific certificate signing requirements. 

Messaging Gateway uses the SHA256 hash when generating certificate signing requests (CSR) for a Certificate Authority (CA) signed TLS certificate. The hash algorithm used to sign a certificate may be viewed using the following openssl command:

$ openssl req -text -in smg-generated.csr | grep Signature
    Signature Algorithm: sha256WithRSAEncryption

The signature algorithm used for a signed certificate may be viewed using a similar openssl command:

$ openssl x509 -text -in ca-signed-certificate.crt | grep Signature
    Signature Algorithm: sha256WithRSAEncryption
    Signature Algorithm: sha256WithRSAEncryption