Are the following two ways to obtain server certificates for web servers to host web applications? says for running a flask web application with gunicorn and nginx with https:

Certbot provides a variety of ways to obtain SSL certificates through plugins. The Nginx plugin will take care of reconfiguring Nginx and reloading the config whenever necessary. To use this plugin, type the following:

sudo certbot --nginx -d your_domain -d www.your_domain 

This runs certbot with the –nginx plugin, using -d to specify the names we’d like the certificate to be valid for. says that for running an web application with https:

On Ubuntu the standard mechanism would be:**

  • dotnet dev-certs https -v to generate a self-signed cert
  • convert the generated cert in ~/.dotnet/corefx/cryptography/x509stores/my from pfx to pem using openssl pkcs12 -in <certname>.pfx -nokeys -out localhost.crt -nodes
  • copy localhost.crt to /usr/local/share/ca-certificates
  • trust the certificate using sudo update-ca-certificates
  • verify if the cert is copied to /etc/ssl/certs/localhost.pem (extension changes)
  • verify if it’s trusted using openssl verify localhost.crt

I was wondering if the above two ways are to achieve the same goal as obtaining a server certificate for a web server to host a web application?

Specifically, do the single certbot command and the dotnet dev-certs https and openssl commands do the same thing?

Are the two ways working directly on web servers, instead of web applications?

Can the two ways replace each other in their use case scenarios? (suppose dotnet dev-certs https would work on Ubuntu, for simplifying my questions.)

I am new to digital certificate, and have seen the above two approaches for different web application frameworks, and am trying to understand the commonality.