SQL Server certificates (Key Usage / KeySpec Exchange)


I’ve been trying to generate a certificate (from Vault) for use with SQL Server, for transit encryption.

Whilst, I’ve been able to generate a certificate OK, SQL Server states it’s not suitable because:

The selected certificate does not have the KeySpec Exchange property. This property is required by SQL Server to import a certificate.

How do/can I setup the certificate request to include this property correctly? Any thoughts/suggestions?