When your certificate is returned from the CA, it is encrypted with your public key so that only you can decrypt it. You can decrypt your certificate and install it by entering the correct password for your trust database.
Your own server’s certificate to present to clients
A CA’s own certificate for use in a certificate chain
A trusted CA’s certificate
A certificate chain is a hierarchical series of certificates signed by successive certificate authorities. A CA certificate identifies a certificate authority (CA) and is used to sign certificates issued by that authority. A CA certificate can in turn be signed by the CA certificate of a parent CA, up to a root CA.
If your CA does not automatically send you their certificate, request them to send it. Many CAs include their certificate in the email with your certificate, and your server installs both certificates at the same time.
When you receive a certificate from the CA, it is encrypted with your public key so that only you can decrypt it. The server will use the key-pair file password you specify to decrypt the certificate when you install it. You can either save the email somewhere accessible to the server, or copy the text of the email and be ready to paste the text into the Install Certificate form, as described here.