Network Solutions ssl csr with F5 11.5.1

Honestly you should be wanting to move your signing algorithms to SHA2 anyway. Microsoft has already announced that deprecation date for SHA1 as 1/1/2016 and that by 1/1/2017 Windows will not accept any SHA1 signed certificates.

http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx

Also you can reference this NIST guidance for moving forward as well. If you want to take the time to read through it :)

http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf

Personally I would questions your CA as to why they will not allow you to use a more secure algorithm. I can understand allowing for you as the customer to choose to issue at SHA1 for compatibility issues, but not even allowing SHA2 as a choice seems like a bad decision to me. I am currently issuing everything as SHA2 unless there is a technical limitation on a server that requires SHA1.