Untrusted by default
Your certificates will not be trusted by browsers until you install your private CA key into them. This makes this option unsuitable for public websites, but perhaps reasonable for securing private servers.
Your certificates will not be trusted by browsers until you install your private CA key into them. This makes this option unsuitable for public websites, but perhaps reasonable for securing private servers.