In the previous step a new PSE for SSL server was created, but the containing server certificate is self-signed. This means that no sane web browser will accept your certificate without showing a warning message to the user. To have a valid server certificate, it must be signed by a CA. To do so, a certificate request must be created. SAP Help
Open SSL Server Standard node and select server
Create a certificate request.
Copy content to a file (via clipboard) and send it to your CA.
You now have the CSR file for the server PSE that can be submitted to a CA.