Login to your webserver via ssh. It would be wise to create a directory which only you can access. Then switch to this directory. You can do this with the following commands:
mkdir certs
chmod 700 certs
cd certs
Create a private key:
/usr/local/pd-admin2/bin/openssl genrsa -des3 -out server.key.secure 1024
Remove the key's password protection:
/usr/local/pd-admin2/bin/openssl rsa -in server.key.secure -out server.key
Now you can create the CSR:
/usr/local/pd-admin2/bin/openssl req -new -days 365 -key server.key -out server.csr
The required data should be self-explanatory. Please note that you have to enter the exact name of your ssl-webserver (e.g. secure.applepie.com) when asked for 'common name'.
The result will be stored in the file server.csr. Please note that the private key which is stored in the file server.key is needed when you install the certificate. Do not delete this file yet.