diff --git a/man/systemd-measure.xml b/man/systemd-measure.xml
index 014769f921..c144eda064 100644
--- a/man/systemd-measure.xml
+++ b/man/systemd-measure.xml
@@ -173,6 +173,10 @@
specified, defaults to the four banks sha1, sha256,
sha384, sha512.
+ Note that some operating systems disable support for SHA1-based signatures, in which case this
+ operation will fail. Please consult your OS' documentation for details on how to override the OS
+ security policy around this.
+
diff --git a/src/measure/measure-tool.c b/src/measure/measure-tool.c
index b7cb216c8f..0d5ceb9faf 100644
--- a/src/measure/measure-tool.c
+++ b/src/measure/measure-tool.c
@@ -952,8 +952,10 @@ static int build_policy_digest(bool sign) {
size_t ss = 0;
if (privkey) {
r = digest_and_sign(p->md, privkey, pcr_policy_digest.buffer, pcr_policy_digest.size, &sig, &ss);
+ if (r == -EADDRNOTAVAIL)
+ return log_error_errno(r, "Hash algorithm '%s' not available while signing. (Maybe OS security policy disables this algorithm?)", EVP_MD_name(p->md));
if (r < 0)
- return log_error_errno(r, "Failed to sign PCR policy: %m");
+ return log_error_errno(r, "Failed to sign PCR policy with hash algorithm '%s': %m", EVP_MD_name(p->md));
}
_cleanup_free_ void *pubkey_fp = NULL;
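Review bot: The `if (r == -EADDRNOTAVAIL)` check right after the digest_and_sign() call is an undocumented coupling to a sentinel chosen inside digest_and_sign() for OpenSSL's EVP_R_INVALID_DIGEST, and a reader of measure-tool.c cannot tell from this hunk why an address-family errno means "digest disabled by policy". A one-line comment above the check would make the contract explicit, e.g. `/* digest_and_sign() maps OpenSSL's EVP_R_INVALID_DIGEST to -EADDRNOTAVAIL, typically because the distro crypto policy disabled the digest (e.g. SHA-1). */`. The two messages are also inconsistent in that only the second appends `%m`; since the first branch's errno is synthetic that omission looks deliberate, but a short comment saying so would stop the next reader from "fixing" it. build_policy_digest() starts and ends outside the hunk.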
diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c
index 656278b52b..180d6f202f 100644
--- a/src/shared/openssl-util.c
+++ b/src/shared/openssl-util.c
@@ -1082,6 +1082,8 @@ int digest_and_sign(
const void *data, size_t size,
void **ret, size_t *ret_size) {
+ int r;
+
assert(privkey);
assert(ret);
assert(ret_size);
@@ -1099,8 +1101,13 @@ int digest_and_sign(
if (!mdctx)
return log_openssl_errors("Failed to create new EVP_MD_CTX");
- if (EVP_DigestSignInit(mdctx, NULL, md, NULL, privkey) != 1)
- return log_openssl_errors("Failed to initialize signature context");
+ if (EVP_DigestSignInit(mdctx, NULL, md, NULL, privkey) != 1) {
+ /* Distro security policies often disable support for SHA-1. Let's return a recognizable
+ * error for that case. */
+ bool invalid_digest = ERR_GET_REASON(ERR_peek_last_error()) == EVP_R_INVALID_DIGEST;
+ r = log_openssl_errors("Failed to initialize signature context");
+ return invalid_digest ? -EADDRNOTAVAIL : r;
+}
/* Determine signature size */
size_t ss;