Step-1: Create a RSA private key for your Apache server, PEM-formatted:
#openssl genrsa -des3 -out .key 2048
It will ask for a pass phrase, provide a pass phrase of your own here.
Step-2: Create a Certificate Signing Request using the RSA private key created above (output will be PEM format):
#openssl req -new -key .key -out .csr
Note that the Common Name field is the field where the domain name should be stated.
If you want to read your generated .csr file, then issue the following command
#openssl req -text -noout -in .csr
