The title of this Tech Tip is actually a little deceiving. You actually have to install the certificate both with FIPS disabled and then again with it enabled. It's as if you are installing the certificate in two different systems in a cluster. The general steps are:
With FIPS disabled generate a CSR, which you will download and send to your certificate authority.
After receiving the certificate from the CA, examine the certificate with the Crypto Shell Extensions. You will need to identify, and obtain, the Root and Intermediate certificates and and any Certificate Revocation Lists.
Select each of these components, and the type, and then click upload, with the certificate received from the CA last.
In preparation for loading the certificate with FIPS enabled, download the key that was created with the CSR. Combine this with the certificate received from the CA into a pem file.
With FIPS enabled
Upload the root and intermediate certificates and the CRLs, as above.
Upload the pem file, as a certificate with key.
Remember, that the CRLs must be uploaded before any certificates that reference them.