issues with self-signed certificate

the definition of self-signed certificate: the private key used to sign a certificate is the same private key used to generate the certificate.

Here are 3 simple steps to generate a self-signed cert:

openssl genrsa -out server.key 4096

openssl req -new -key server.key -out server.csr

openssl req -x509 -req -days 365 -in server.csr -key server.key -out server.crt

file "server.crt" is a self-signed cert now.

openssl verify server.crt

server.crt: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd

error 18 at 0 depth lookup:self signed certificate

OK

self-signed certificate suffers man-in-the-middle attack. Just goole "self-signed certificate man-in-the-middle"