You can grab all these details from your SEPM's existing cert. A good place to look for these would be under "X:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup" on your SEPM. Just drill down the folder structure and until you find the cert.
You might also want to look at the below article too:
https://www.symantec.com/docs/TECH212432
This seems to suggest you outright replace the SEPM's certs, instead of getting the SEPM to generate a CSR.
Make sure you read the article and its links in full, as changing the cert will break client communications, unless probperly managed.