CSR Generation in Google App Engine

To create the CSR, execute the following command in openssl.

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

This creates two files. 
The file myserver.key contains a private key; do not disclose this file to anyone. 
Carefully protect the private key. 
Once the CSR has been created then you should submit it to the CA (Sectigo) to get the CA bundle and the domain certificate.