CA issued device SSL certificate assistance needed

BLUF - CA signed device certificate is required. The built in GUI generated certificate request (.req) is missing info required by the CA. The plain vanilla OpenSSL generated .req is missing info required by the CA.

OpenSSL seems to be the way to go. How to add/specify the "Key Usage" and "Extended Key Usage" attributes/parameters to an openSSL generated certificate .req.

It will look like: KeyUsage = <hex value> and   EnhancedKeyUsageExtension OID=x.x.x.x.x.x.x.x.x

Changing CA is not an option. Using a self-signed certificate is not an option. Thanks in advance