To generate a certificate with Origin CA, navigate to the Crypto section of your Cloudflare dashboard. From there, click the Create Certificate button in the Origin Certificates section:
You will be presented with a dialog to select the certificate creation mechanism, key type, certificate validity period, and hostnames included on the certificate (by default the zone root and first level wildcard hostname). You can include up to 100 hostnames/wildcard hostnames on a single certificate, and can include hostnames for other zones on the same account:
Note that some older browsers will not have the option to generate a private key and CSR, in which case you'll need to create your own key and CSR outside the browser or use a newer browser.
Once you're satisfied with the certificate settings, select Next to generate the certificate. You will see a dialog allowing you to copy the signed certificate and private key if you chose to have Cloudflare generate one for you:
If you prefer to use the API to generate certificates, see https://api.cloudflare.com/#cloudflare-ca-create-certificate.
If you need to later revoke a certificate, click the X icon adjacent the certificate name in the list of Origin CA certificates.