Is it the public key or the key pair that is included in the x509 certificate?
I use these commands to create a self-signed certificate, subject’s key and CSR, and subject’s signed certificate:
Root CA:
openssl req -new -sha256 -x509 -days 7300 -out ca.crt -keyout ca.key.pem -nodes
Server CSR:
openssl req -new -sha2…