Depends, there are different steps if you need a Signer, Personal or CA signed Personal certificate.   For personal wander down this WAS console path:

SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore

Signed Certificate from Certificate Authority

If you made a Personal Certificate request from the NodeDefaultKeystore you may have to import a signer certificate ( see below ).  To get the signed certificate into the keystore
SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore > Personal certificates
Click Receive from a certificate authority...

Personal Certificate
SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore > Personal certificates

Click on Import.   You must know the location of a key store and the keystore password   This is a handy way to "migrate" a certificate with a given common name (CN) from another WAS keystore ( perhaps there are several WAS profiles bound to same server name )

Signer Certificate in Key Store:

SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore > Signer certificates

Click Add, provide Alias, location of the key file, it's type, click OK

Signer Certificate ( e.g. in a Trust Store ) for say LDAP server...

SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates

Click on Receive from port, provide host / port / alias click Retrieve Signer Information button.

After any of the above Save the configuration.   Most will take effect immediately except for addition of Signer in the Trust Store.