SHA stands for Signature Hashing Algorithm;  It's a mathematical hash that proves the authenticity of the certificate.

SHA-1 is an older version of the algorithm which is no longer in use: seen as unsecure by industry experts and major browsers, it is not possible to use it during the generation process for new certificates or the reissue of old certificates.
SHA-2 is the latest version that is widely accepted and viewed as secure by all major browsers and industry experts.
The hashing algorithm of your CSR has no relevance to what hashing algorithm is used on the certificate.

If you have an old SSL certificate based on SHA-1, it's recommended to reissue it using SHA-2.

Depending on expiring date of your existing certificate, there's a precise timetable of what will happen:

On September 26th, 2014: SHA-1 signed certificates expiring on or after January 1st, 2017 will be treated as "secure, but with minor errors" and will receive the yellow triangle padlock.

On November 7th, 2014: SHA-1 signed certificates expiring on or after June 1st, 2016 to December 31st, 2016 are treated as above. Certificates expiring after January 1st, 2017 are treated as "neutral, lacking security." These certificates will receive a blank page icon, as seen with HTTP sessions.

On January 1th, 2015: SHA-1 signed certificates expiring on or after January 1st, 2016 to December 31st, 2016 will continue to be treated as "secure, but with minor errors."
SHA-1 signed certificates that expire on or after January 1st, 2017 are treated as "affirmatively insecure." This will be identified by the red "X".

Reference:

Gradually sunsetting SHA-1: https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html