RHEL8 certificate locations - using local CA

We have an isolated network and we are using a Microsoft CA. Our environment is a Windows AD domain with mostly RHEL7 and RHEL8 machines and some Win10. I was handed down a procedure to generate a CSR and make the request and so on. The directions are only half adequate. I am not a pro at certificates so bear with me.
I have not been able to find info to explain this in whole, only pieces.

What I gathered about certificate locations (RHEL)

key file = /etc/pki/tls/private (.key ext)
cert = /etc/pki/tls/certs (.cer ext)
CA = /etc/pki/ca-trust/source/anchors (.cer ext)

I believe I have the generate key, csr and make a request part down okay for the machine itself. Below is my best guess for applying the root CA.

Get the CA root cert:
- Open “Certificates” in an MMC
- Certificates \ Trusted Root Certification Authorities \ Certificates
- Search for root cert under “issued by” column, open it
- Click “details” and copy to file
- Base-64 encoded X.509 (.CER)" format
- Copy to RH machine under /etc/pki/ca-trust/source/anchors
- Refresh certs: update-ca-trust extract

Does any of this seem correct? Is there a website that might describe this process start to finish including root cert?