Before you proceed to purchase your new SSL certificate from a third-party certificate authority, you will need to generate a private key and CSR (certificate signing request). You will need to submit the CSR to the certificate authority. They will then use the CSR to create your SSL certificate.
While the certificate authority does not need your private key, the SSL certificate will only work with the private key that was generated with the CSR.
You will need to follow the below step-up articles in order: