In support of IIS and HTTPS web sits, I have always used mmc.exe (add Certificates snap-in) to request a CSR.
https://knowledge.digicert.com/solution/SO29005.html
I do not have experience with Windows Certificate Authority however. All of the certs I had to support were public facing and we got them from companies like Digicert.
I don't think that the reply from Limitlesstechnology is correct. It reads like the instructions for a Unix based system, and not a Windows server with a certificate authority.
Mary, I think it would be a good idea if you provided an overall explanation of how you intend to use this certificate. Other forum users with real world experience using a certificate authority might have some "do's and don't" that might be valuable to you.