If you order an S/MIME certificate, the private key is created by the CA and therefore exists, at least for a short time, on the certification authority's systems. If, for security reasons, you want to create your own private key and use it for the order, you can do so during the ordering process.
By using your own private key, you increase the security of the certificate, since nobody but you has ever had the private key. This is a simple way to further increase security. You will need to generate a special key/CSR for S/MIME certificates.

Note

When ordering an S/MIME certificate from the Certificate Authority (CA) DigiCert or Sectigo, a separate CSR is always required. No CSR is necessary or possible with the GlobalSign CA.

Create your own private key / CSR

How to create the key on a Linux system using OpenSSL

  1. Create a private key. Set a password for the private key and confirm it.

    Example
    openssl genrsa -out my.key -des3 4096
  2. Create a CSR. Enter the password for the private key.

    Example
    openssl req -new -key my.key -out my.csr
  3. Follow the instructions until the CSR is created.

When ordering in the SSL Manager, you must now tick the box "Use private key/ CSR". The rest of the order process works as usual. The S/MIME certificate is then issued to match your private key. If you use your own private key, the name entered as the Common Name (CN) in the CSR is used for the certificate. Any different names entered when ordering via the SSL Manager are overwritten at the CA with the Common Name from your CSR.
Please make sure that the names are identical to avoid problems when the certificate is issued.
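A pre-submission check for the key and CSR from the steps above, added here as an example and not part of the original article: it confirms that the CSR was created from your private key and that its Common Name equals the name you will enter in the order, since the CA uses the CN from the CSR. The function names, temporary paths, passphrase and the name "Jane Doe" are constructed for the demo; for a real key, use a `file:` pass-phrase source or the interactive prompt instead of an environment variable.

```shell
#!/bin/sh
# Added example: checks to run on my.key / my.csr before submitting the CSR.
# Function names, paths, passphrase and "Jane Doe" are constructed for the demo.
set -e
umask 077                      # key material readable by the owner only

# Succeeds only if the CSR carries the public key derived from the private key.
# $3 is an OpenSSL pass-phrase source such as env:VAR or file:/path.
csr_matches_key() {
    csr_pub=$(openssl req -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -passin "$3" -pubout) || return 1
    [ -n "$csr_pub" ] && [ "$csr_pub" = "$key_pub" ]
}

# Prints the Common Name stored in the CSR subject.
csr_common_name() {
    openssl req -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= //p'
}

# precheck CSR KEY PASS_SOURCE ORDER_NAME: one line per finding, 0 if clean.
precheck() {
    rc=0
    csr_matches_key "$1" "$2" "$3" ||
        { echo "CSR was not created from this private key"; rc=1; }
    cn=$(csr_common_name "$1")
    [ "$cn" = "$4" ] ||
        { echo "CN '$cn' differs from order name '$4'"; rc=1; }
    return "$rc"
}

# Demo: the article's two commands made non-interactive (-passout/-passin/-subj).
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
export DEMO_PASS='constructed-passphrase'
openssl genrsa -out "$WORK/my.key" -des3 -passout env:DEMO_PASS 4096 2>/dev/null
openssl req -new -key "$WORK/my.key" -passin env:DEMO_PASS \
    -subj "/CN=Jane Doe" -out "$WORK/my.csr"

if precheck "$WORK/my.csr" "$WORK/my.key" env:DEMO_PASS "Jane Doe"; then
    echo "key and CSR are consistent; CN: $(csr_common_name "$WORK/my.csr")"
fi
# A name typed differently in the order form is reported, not silently accepted.
precheck "$WORK/my.csr" "$WORK/my.key" env:DEMO_PASS "J. Doe" || true
```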
