I will try to help you out as I have time, but I will be swamped with work for the next month. In order to create the key and CSR, you will probably need shell access to your account. I was unable to create the key / CSR from cPanel itself. To see if Shell access is enabled on your account from cPanel, in the "Security" category, you might see something that says "SSH/Shell Access," and try to connect by going to Java Telnet Applet if its available. If you cannot get in that way, you may need to email technical support of your webhost and request shell access (this is what I had to do). They should provide the details about how to get in through there. Once in, you can simply type in the commands the tutorial describes using openssl. It helps a LOT if you have some experience with basic UNIX commands to allow you to navigate your way through different directories. Otherwise, you can run the commands for openSSL in the shell prompt, and then manage the actual key, csr, and crt files you will create via File Manager in cPanel. Of course, if you are running a Windows-based server, then I suppose everything will be different.
I hope this is helpful and not confusing. Otherwise, be sure to let me know how you're doing! It may be helpful when I try to type up my own version of a step-by-step guide on how to get this darn thing to work. QBMS is the most difficult payment module I have ever had to work with, but it may also be one of the most secure.
Best of luck,