My development and production APNS certificates are due to expire in January so I've just started the renewal process.I open keychain access and ask Certificate Assistant > Request a certificate from a certificate authority.I filled out the fields as normal (my email, descriptive text, save to disk) and it generated the .certSigningRequest file but when I upload that I get:An unspecified error occurred.CSR algorithm/size incorrect. Expected: RSA(2048)Now I can't see any settings for what CSR algorithm or size in the certificate assistant dialog.This is keychain access Version 9.0 (55171.20.2) running on El Capitan.Any ideas why this is failing and what I should do to fix it?