
Incomplete libctx/propq support in X509 signing #13732

@gotthardp

Description

The X509 signing still relies on some legacy (non-`_ex`) functions, so the digest/signature algorithm selection does not follow the given propq. This can be tracked down to the following:

  • The openssl req doesn't pass libctx/propq when signing the X509 CSR. It cannot even do so (see next item).

  • There is no X509_sign_ex with libctx/propq support.

  • The ASN1_item_sign_ex is "half-migrated" only. It takes libctx/propq (which is good), but it also takes EVP_MD as input and calls EVP_DigestSignInit (without passing the libctx/propq). In my view, the ASN1_item_sign_ex should take a const char* digest name instead and call EVP_DigestSignInit_ex, which already exists and also takes libctx/propq. This ensures the correct cipher selection, which then manages the digest.
