If the certificate is to be self-signed, use the key created by the certificate signing request to create a certificate. If using a local certificate authority, sign the CSR file with the local certificate authority's key.
The use of public certificate authorities doesn't make sense for most databases because it allows third parties to create trusted certificates. Their only reasonable use is if you wish to allow public certificate authorities to independently issue certificates that you wish to trust. This is necessary for browsers because they often connect to unaffiliated websites where trust must be established by a third party. (Browsers include a list of public certificate authorities that can issue website certificates they trust.)
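The two signing paths described above, as an added example using the OpenSSL command line (not code from the original page). The file names, subject names, key size and lifetimes are assumptions; the final checks show that a verifier trusting only the local CA accepts the certificate it signed and rejects anything else.

```shell
#!/bin/sh
# Added example: all file names, subjects and lifetimes are assumptions.
set -eu

# Create a private key and a certificate signing request (CSR).
make_csr() {   # $1 = output directory, $2 = server host name
    openssl req -new -nodes -newkey rsa:2048 -sha256 -subj "/CN=$2" \
        -keyout "$1/server.key" -out "$1/server.csr"
    chmod 600 "$1/server.key"
}

# Path 1: self-sign the CSR with the key that was created alongside it.
self_sign() {  # $1 = directory holding server.key and server.csr
    openssl x509 -req -in "$1/server.csr" -signkey "$1/server.key" \
        -days 365 -sha256 -out "$1/selfsigned.crt"
}

# Path 2a: create a local certificate authority (key plus root certificate).
make_local_ca() {  # $1 = output directory
    openssl req -new -x509 -nodes -newkey rsa:2048 -sha256 -days 3650 \
        -subj "/CN=Example Local CA" -keyout "$1/ca.key" -out "$1/ca.crt"
    chmod 600 "$1/ca.key"
}

# Path 2b: sign the same CSR with the local CA's key.
ca_sign() {    # $1 = directory holding server.csr, ca.crt and ca.key
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 365 -sha256 -out "$1/server.crt"
}

# Succeeds only if $2 chains to the single trust anchor $1.
# No system or public CA bundle is consulted.
chain_ok() {   # $1 = trusted root file, $2 = certificate to check
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

work=$(mktemp -d)
make_csr "$work" "db.example.internal"
self_sign "$work"
make_local_ca "$work"
ca_sign "$work"

chain_ok "$work/ca.crt" "$work/server.crt" && echo "local CA: server.crt trusted"
chain_ok "$work/ca.crt" "$work/selfsigned.crt" || echo "local CA: selfsigned.crt rejected"
rm -rf "$work"
```
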
Issuing certificates to clients as well enables additional features: