At least you should not. StartSSL (and probably other CAs) has a prominent feature to create your key pair for you, which you need to skip to use a signing request. Always use the latter!