You can get the Certificate Signing Request (CSR) from your hosting provider. The CSR can be generated by the server administrator using the server software.
Please note, in case your SSL certificate shall cover both, the www version (www.yourdomain.com) and the root version (yourdomain.com) of your domain, the CSR needs to be generated for the www version. If the CSR is generated for the root version only, the www version won´t be covered.
The private key which is generated alongside the CSR has to be kept confidential and shall not be made available to anybody else. If a third party gets access to the private key, your SSL certificate can be compromised and is no longer secure.