Until today, I didn’t know you could do this. I always just did a cert request and generated a new key. Sometimes it is handy to keep your old key, and here is how you do it.
openssl req -new -sha2048 -key yourdomain.com.key -out yourdomain.com.csr
This works well. I used it to change the name of an existing certificate without rekeying it, which made the process simpler.