first make sure that your server is properly installed.
ensure that you have proper IP. I think you cant change the IP later.
make sure that you have installed the application properly and no settings left.
now its time to generate CSR file. Its a certificate signing request file.
use ikeyman utility in the bin folder from command prompt to generate certificate request.
Now a private key will be created and public key will be created.
private key you have to keep with your self.
public key you have to sent to CA, cetrificate authority.It may be thwate or verisign.
they will take 2-3 days to give you 3 files.
you have to use ikeyman again now.
You now again have to use those 3 files and add to that private key.
now you have to go to the websphere console and add the certificate path in settings.. I dont remember exact location..
from CSR generation to certificate installation, the 2-3 days,
you should not do any changes in system..
thats what was told to me by my CA. that was undigestable to me though..
when there was any change in the settings like appserv02 instead of appserv01, in my case the certificate wont get installed.
so i suggest to first make a setup of system proper. then only start generation of CSR.