Hi @lankanmon, I think the “gethttpsforfree” web site might be confusing you about which public key it wants. There is a public key that will ultimately be used by your site for HTTPS (the “subject public key” for the certificate, sometimes also just called something the “site’s public key”). This is actually contained within the CSR so it would be possible to extract it.
However, the key that gethttpsforfree is asking you about is the Let’s Encrypt account key. This is a crypto key that you would generate for yourself on your own computer (not something generated by BlueHost), to serve as a kind of credential to control your relationship with Let’s Encrypt. If you haven’t generated one, it doesn’t exist anywhere yet. For example, you might use the account key if you wanted to revoke your certificate or if you wanted to issue a new certificate for the same site in the future (like when the initial certificate expires 90 days from now).
If you click on “how do I generate this?” on the gethttpsforfree site, a box will appear that begins with “
How to generate a new account keypair using openssl”. There, the site will give you some command-line commands to run on your own computer to generate public and private keys for this purpose. In providing these commands, They are assuming that you are using Linux or MacOS X, or that you have access to a command line on a computer that is running one of these operating systems. If that’s not the case for you, you are not the intended audience for the gethttpsforfree site right now – the subsequent steps on gethttpsforfree will also require running other openssl command-line commands.