PKI

Enable SSL on Apache-2.2

These steps were recorded on CentOS-5 with Apache-2.2.3. See also my notes on enabling SSL on Apache 2.0.63.

Install httpd and mod_ssl:
root# yum install httpd mod_ssl
root# mkdir /etc/httpd/ssl
root# cd /etc/httpd/ssl
root# vi openssl.cnf

Enter the contents of your openssl.cnf here, and then generate a private key:
root# openssl genrsa -des3 -out server.key 1024

Enable Apache HTTPS

These steps were recorded on CentOS4 with httpd-2.0.63.

To start, we make sure we have httpd and mod_ssl installed:

# yum install httpd mod_ssl
# cd /etc/httpd/conf
# vi openssl.conf

After entering your copy of openssl.conf, modify the Makefile: in the section for the target "$(CRT):", append two lines:

        cp $(KEY) $(KEY).orig
        openssl rsa -in $(KEY) -out $(KEY)

Now we can create the CSR:

Install SSL Certificate on Qmail Server

Here are the steps to install the SSL certificate on a Qmail server:

OpenSSL Configuration for Certificates

Here are some references for educational purposes.

Renewing and Revoking Certificates and Credentials

Here are some references on credential revocation:

References for OpenSSL Certificate Management

 

Adding a Trusted CA for Mail Clients

To import a new CA certificate into Thunderbird 1.5:

  1. Launch Thunderbird and choose Account Settings from the Edit menu.
  2. Select Security under the account name.
  3. Click the View Certificates button.
  4. Click the Authorities tab.
  5. Click the Import button at the bottom of the screen.
  6. Navigate to the CA certificate and import it.

To import a new CA certificate into Evolution:

  1. Launch Evolution and choose Preferences from the Edit menu.
  2. Select Certificates

Adding a Trusted CA for Browsers

Browsers ship with certificates from well-known commercial CAs. If your web servers use certificates signed by your own CA, your CA certificate must be exported to every browser on every client system that will be connecting to an SSL-enabled web server.