I want to recreate my old CA certificate because it is still an MD5 one and all applications start to refuse it and the certificates signed with it. I also moved since I created it so I want to change the subject.

I created a new certificate request based on my CA. When I want to sign it, I check "Modity subject of the request" and "Create self-signed …". On the subject tab, the key-related options are greyed out. I have no unused keys in my store, so the key dropdown is empty. The actual key that was used for the CA is imported. When I click OK, I get the error: The key you selected for signing is not a private one. I don't understand this error. I can't select a key because it has been preselected. When I do not want to change the subject, the certificate is created fine. It looks like the validation code of the key dropdown is not taking into account that I don't have to select a key in this case.