Simple questions about generating self-signed certs

I was wondering what the significance is of using a challenge or passphrase while generating a CSR?

Secondly, how do we define where the private key of the cert is supposed to reside? Is it in the CSR or the PEM, and how is it specified? FQDN maybe?

Can someone please help me understand how self-signed certs are generated and used in enterprise environments?

Thank you for your time.
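The three steps the question asks about, as an added worked example (my own script, not part of the original post or any project's code): generate a private key, build a CSR from it without a challenge password, self-sign a certificate with the same key, and then check where the private key actually lives. It assumes `openssl` 1.1.1 or later is on PATH; the hostname app.example.internal is made up.

```shell
#!/bin/sh
# Added example, not code from the original post: generate a private key, a CSR
# and a self-signed certificate with OpenSSL, then show where the private key
# does (and does not) live. Assumes `openssl` (1.1.1 or later) is on PATH; the
# hostname app.example.internal is made up.
set -e

# Step 1: the private key. It is generated and kept on the host that will serve
# the certificate; it is never written into the CSR or the certificate.
gen_key() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1"
    chmod 600 "$1"
}

# Step 2: the CSR. -subj and -addext supply the fields non-interactively, so
# the "challenge password" prompt never appears and no challenge attribute
# is written into the request.
gen_csr() {
    openssl req -new -key "$1" -subj "/CN=$3" \
        -addext "subjectAltName=DNS:$3" -out "$2"
}

# Step 3: a self-signed certificate. The same key signs a certificate carrying
# its own public key; no CA is involved, so nothing vouches for it except a
# trust store that someone has explicitly added it to.
gen_selfsigned_cert() {
    openssl req -x509 -new -key "$1" -subj "/CN=$3" \
        -addext "subjectAltName=DNS:$3" -days 365 -out "$2"
}

# The only link between key, CSR and certificate is the public key they share;
# no file name, path or FQDN ties them together.
pubkey_of_key()  { openssl pkey -in "$1" -pubout; }
pubkey_of_csr()  { openssl req  -in "$1" -noout -pubkey; }
pubkey_of_cert() { openssl x509 -in "$1" -noout -pubkey; }

key_matches_cert() { [ "$(pubkey_of_key "$1")" = "$(pubkey_of_cert "$2")" ]; }
csr_matches_cert() { [ "$(pubkey_of_csr "$1")" = "$(pubkey_of_cert "$2")" ]; }

# A PEM file holding private key material contains a "PRIVATE KEY" block.
contains_private_key() { grep -q "PRIVATE KEY" "$1"; }

# Chain validation succeeds only when the self-signed cert itself is the trust
# anchor; this is what pushing it into a corporate trust store achieves.
trusted_by() { openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; }

gen_all() {
    mkdir -p "$1"
    gen_key "$1/server.key"
    gen_csr "$1/server.key" "$1/server.csr" app.example.internal
    gen_selfsigned_cert "$1/server.key" "$1/server.crt" app.example.internal
}

OUT=${1:-$(mktemp -d)}
gen_all "$OUT"
echo "key, CSR and cert written to $OUT"
openssl x509 -in "$OUT/server.crt" -noout -subject -issuer
key_matches_cert "$OUT/server.key" "$OUT/server.crt" && echo "key matches cert"
contains_private_key "$OUT/server.crt" || echo "cert holds no private key"
trusted_by "$OUT/server.crt" "$OUT/server.crt" && echo "verifies when explicitly trusted"
trusted_by "$OUT/server.crt" /dev/null || echo "fails against an empty trust store"
```

Two caveats worth knowing when reading the output. The CSR challenge password is an optional PKCS#10 attribute that a CA may use as a shared secret for enrollment (SCEP uses it; most web CAs ignore it); it is unrelated to encrypting the private key, which is a separate choice made at key generation (for example by adding `-aes256` to `openssl genpkey`). And because the cert is self-signed, `openssl verify` only passes when the cert is handed to it as a trust anchor, which is why enterprise use of self-signed certs comes down to distributing them to every client's trust store, or replacing them with certs issued by an internal CA that is already trusted.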

