How do I regenerate the private key from the appliance?
openssl genrsa -out <hostname>.key 2048
That will create a file called "<hostname>.key" with your private key in it.
Next, you create a certificate signing request:
openssl req -new -key <hostname>.com.key -out <hostname>.com.csr
You'll be prompted for various pieces of information; answer them. The most important is the "Common Name" which should be whatever host name you have chosen for the CanIt machine.
Once the file "<hostname>.csr" has been created, you submit it to your CA. Eventually you'll get back a certificate bundle. You paste the private key (that sits in the <hostname>.key file) into the private key box and the certificates into the certificate box.