The process is pretty strait forward when creating a cert request from wasp and sending that to a CA to create the cert.
That is documented here:
Configure HTTPS in Admin Console or UMP - CA Unified Infrastructure Management - 8.4.7 - CA Technologies Documentation
When client have an existing wild card cert they want to use this is where the problem usually comes in.
We have KB article on this, however clients usually run into a problem with converting the cert to the proper format
needed for UMP. I believe some clients have gotten this to work but as there are so many variations of this support is limited on what they can do to trouble shoot the process past the KB article below.
https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.TEC000003740.html
hope this helps