XCA = X Certificate and Key Management
Think if it as KeePass for Certificates vs standing up a windows server VM as a CA for lab use.
Download XCA – I am using the portable verison
https://www.wojcieh.net/replace-vmware-esxi-6-ssl-certificate/ lists the process for ESXi, but generates CSR and needs a Microsoft Certificate. This process all done in XCA.