Well, historically not openssl ca, but yes for openssl genrsa and openssl req to create private keys and CSRs! CAs have often asked people to begin by uploading a CSR, and that would be generated with an openssl req command.
Let's Encrypt does not recommend or expect workflows like this. We suggest using a Let's Encrypt client application.
Every client is different, but the overwhelming majority of them are capable of generating keys and CSRs internally, so you don't have to run any openssl commands. This might be different if you're using a web-based client to avoid installing any software locally on your computer.