On 31 Jan 2020, at 01:25, Douglas Morris <dougbmor...@yahoo.com <mailto:dougbmor...@yahoo.com>> wrote:
> Interesting. I think I misunderstood this explanation about the -signkey > <file> option: "This option causes the input file to be self signed using the > supplied private key." > > Your input has me thinking that a certificate signing request is in fact > self-signed like a self-signed certificate is self-signed. I think I > mistakenly supposed any self-signing meant acting like a "mini CA". I shall > give those two x509 options, '-x509toreq' and '-signkey', a try. Correct - a CSR is generally signed by the party submitting it - thus proving that he or she has access to their own private key. Dw.
