I don't understand that where are the RSADomainValidationSecureServerCA.crt, RSAAddTrustCA.crt and AddTrustExternalCARoot.crt come from?
Besides that, for the step 2.1 and 2.2,
Add the following settings:
http.sslcert=.\src\qlik.com\ newsstandproxy\conf[certificate file name]
http.sslkey=.\src\qlik.com\ newsstandproxy\conf[certificate key]
I found that there are similar code in the file.
Does it mean that i should change the file name instead of adding two new line code?
Assuming those are not self signed certificates, and that they come from a Certificate Authority, what the help suggest is to include the whole chain within the same PEM file so ti can be resolved successfully and not return an invalid certification warning in the browser.
However, if you are using a self-signed certificate you can skip those steps since you don't have any certification authority chain to follow, but you will get the warning error in the browser.
You are already generating the keys when requesting the certificate if you run the openssl commands as in the help site (Installing SSL certificates ‒ Qlik NPrinting) there it is specified where the private key is stored and how to add to the config file, as the request for the certificate creates also the keys (self signed certificate).
If you are using instead a third party certificate authority (the likes of Comodo, Symantec, Thawte, etc.) then you will get that information from them.