The server uses a weak private key
In a number of OpenSSL implementations on Debian based Linux distributions a serious leak was found when generating the private keys. As a result the private keys generated on the systems for usage with SSH, OpenVPN, DNSSec and SSL are easy to hack. Therefore this leak was extensively covered in the news. More information:
dienstverlening/expertise- advies/kennisdeling/ factsheets/kwetsbaarheden-in- debian-openssl.html
archives/2008/06/12/ssl_ certificates_vulnerable_to_ openssl_flaw_on_debian.html
When the CSR was generated with a known insecure Private Key, our advice is to upgrade the server as soon as possible and to generate a new private key. It's not possible to request certificates with a CSR generated with an insecure private key. Manuals for generating a CSR can be found in our knowledgebase.