I am trying to solve a CSR signing issue in a home lab.
Can someone clarify this theoretical point?
According to Wikipedia:
"Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. The CSR contains information identifying the applicant (such as a distinguished name in the case of an X.509 certificate) which must be signed using the applicant's private key. The CSR also contains the public key chosen by the applicant."
https://en.wikipedia.org/wiki/Certificate_signing_request
Is the public key chosen by the applicant, the public key of the Certificate Authority that is going to sign the certificate (e.g. Verisign root CA certificate chain) or is it the public key of the CSR requester?