Create the certificate signing request.  Your certificate provider should have some instructions on what goes in each fields, but generally the domain name you want to secure goes in the Common Name field:

#openssl req -new -key yourdomain.pem.nopass -out yourdomain.csr

Once you have the cert file.  For example yourdomain.crt you must register the crt using the Mono utility httpcfg.  But first, you must convert your key file to the Microsoft Format .pvk or you will get this error: "error loading certificate or private key [Invalid data and/or password]"

pvktool can be downloaded to convert it.   You can find that here: http://www.drh-consultancy.demon.co.uk/pvk.html

Once you have it (either on Windows or Linux) run:

pvk -in yourdomain.pem.nopass -topvk -nocrypt -out yourdomain.pvk

Now register your signed certificate with httpcfg:

#httpcfg -add -port 443 -pvk yourdomain.pvk -cert yourdomain.crt

To see the current registrations:

#httpcfg -list 

If your listener is listening on port 443 you should now see your certificate on https.