The ca-certificates package is a collection of certs from other CAs, for installing into browsers and that kind of thing.
If you want to set up your own CA, and create certs for your servers and clients, you need to use openssl. Openssl has a lot of man pages - the most important ones for this use are x509(1), ca(1), genrsa(1), req(1), rsa(1), and maybe pkcs12(1). Read through those, and see if it gives you enough to come up with a specific question. Don't feel bad, this stuff is hard to learn.
Sorry if I misunderstood your question.
|