In order to generate a "real" certificate, you generate a CSR, then send
it to a certificate authority to be signed. Then you install the
certificate they generate.
("Send" can mean "use locally installed software").
If you self-sign it, it'll still work but users will get a pop-up message
saying this certificate is not signed by an official certificate
authority, and they'll have to manually allow the browser to connect.
This is assuming we're talking about webserver certs. You could be using
them for a variety of other things.
On Wed, 30 Aug 2017, Iznogoud wrote:
> For closure here, this is a pressumed "certificate signing request" that was
> generated and placed in the .csr file, which needed to be signed by a real
> person (using the personal key your.cert) in order to be accepted by a
> certificate signing authority (like "Let's Encrypt" which is what I use).
>
> Did I get it right? (for everybody else's reading benefit)
>
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
>