"For a self-signed certificate, the Certificate Authority is typically the private key used to sign the cert."
Describe the bug
Hi team, on this page: https://min.io/docs/minio/linux/operations/network-encryption.html#self-signed-internal-private-certificat[…]blic-cas-with-intermediate-certificates
The statement is incorrect:
The Certificate Authority (CA) is represented by the public certificate, not the private key. In the context of self-signed certificates, the certificate itself (which includes the public key) acts as its own CA. The private key is used to sign the certificate but is not the CA itself.
Distributing the private key is insecure and should never be done. The private key must remain confidential to maintain the security of the certificate. Sharing the private key would compromise the entire security model of TLS.
Correct Information:
For self-signed certificates:
Use the self-signed certificate (public certificate) as the CA certificate. Place the self-signed public certificate in the /certs/CAs directory so that MinIO can trust it.
Do not use or share the private key as the CA certificate. Only the public certificate should be shared or distributed for trust purposes.
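Added example (not from the MinIO documentation or from the reporter): a shell check, using the `openssl` CLI, that a self-signed certificate verifies against itself as trust anchor, that the private key cannot serve as one, and that a `certs/CAs` directory holds no key material. The hostname, the temporary directory and the file names `public.crt` / `private.key` are assumptions made for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo: hostname and paths are placeholders, not values from the page.

make_selfsigned() {   # $1 = output dir; writes private.key and public.crt
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=minio.example.internal" \
    -keyout "$1/private.key" -out "$1/public.crt" 2>/dev/null
  chmod 600 "$1/private.key"   # the key stays on the server, owner-readable only
}

is_self_issued() {    # $1 = certificate; true when subject equals issuer
  s=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
  i=$(openssl x509 -in "$1" -noout -issuer  | sed 's/^issuer= *//')
  [ "$s" = "$i" ]
}

trusts() {            # $1 = file offered as trust anchor, $2 = certificate to verify
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

cas_dir_is_clean() {  # $1 = CAs directory; fails if any file holds a private key
  ! grep -rlq -- "PRIVATE KEY-----" "$1"
}

demo() {
  work=$(mktemp -d) || return 1
  mkdir -p "$work/certs/CAs"
  make_selfsigned "$work/certs" || return 1
  # Only the public certificate is copied into the trust directory.
  cp "$work/certs/public.crt" "$work/certs/CAs/public.crt"

  is_self_issued "$work/certs/public.crt" && echo "subject == issuer: cert is its own CA"
  trusts "$work/certs/CAs/public.crt" "$work/certs/public.crt" \
    && echo "public cert as trust anchor: verification OK"
  trusts "$work/certs/private.key" "$work/certs/public.crt" \
    || echo "private key as trust anchor: rejected (it is not a certificate)"
  cas_dir_is_clean "$work/certs/CAs" && echo "CAs directory contains no private key"
  rm -rf "$work"
}

demo
```
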