Creating a Digital Certificate without signing it

Question

I have created a key-pair and now I want to bind my public key with an email id (create a digital certificate). I do not want to do the next step of signing the certificate.

Question: How can I create the digital certificate (hence bind the public key with the identity) and not really sign it for now ? (Using OpenSSL for the same would be fine).

My understanding:

1. Digital certificate is just packaging the public key with an identity.
2. Digital signature is a CA assuring/signing the certificate and embedding the signature in the certificate file

Or is my understanding all wrong ?

Answer 1

Signature is a required part of certificate. You may instead create so-called self-signed certificate, signed by your own key.

Answer 2

if i got your question right, you want to prepare a certificate and stop the process before the actual signing by a CA would happen ...

the thing you are looking for is a so called certificate request ...

have a look at the "openssl req" command ... for examples see http://www.openssl.org/docs/apps/req.html (examples section shows generating a new request)