Use key type "VI", which most probably stands for "vendor independent"

main.py

@@ -11,6 +11,8 @@ from cryptography.hazmat.primitives.asymmetric import rsa
 from faker import Faker
 from sqlalchemy import MetaData, Table, select, create_engine, insert, func, update
 
+CSR_TYPE_VENDOR_INDEPENDENT = "VI"
+
 
 def build_user_unique_id(email: str) -> str:
     return md5(email.encode() + secrets.token_bytes(8)).hexdigest()
@@ -149,14 +151,15 @@ class DataGenerator:
             ]
         )
 
-        # The value of the keytype column is set to "MS" as this is the only supportable key type, "NS" is for
-        # SPKAC type signing requests and uses MD5, "VI" uses unsupported Microsoft CSR attributes
+        # The value of the keytype column is set to "VI" as this is the one of the supportable key type, "NS" is for
+        # SPKAC type signing requests and uses MD5, "MS" seems to be related to Microsoft browsers. "VI" might stand
+        # for "vendor independent".
         with self.engine.connect() as conn:
             stmt = insert(self.emailcerts_table).values(
                 memid=user.id,
                 CN=user.email,
                 subject=f"/CN={user.get_name()}/emailAddress={user.email}",
-                keytype="MS",
+                keytype=CSR_TYPE_VENDOR_INDEPENDENT,
                 created=func.now(),
                 modified=func.now(),
                 rootcert=root_cert,