issues with self-signed certificate
the definition of self-signed certificate: the private key used to sign a certificate is the same private key used to generate the certificate.
Here are 3 simple steps to generate a self-signed cert:
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr
openssl req -x509 -req -days 365 -in server.csr -key server.key -out server.crt
file "server.crt" is a self-signed cert now.
openssl verify server.crt
server.crt: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
error 18 at 0 depth lookup:self signed certificate
OK
self-signed certificate suffers man-in-the-middle attack. Just goole "self-signed certificate man-in-the-middle"