This post has nothing to do with the MQTT integration. Sandeep was trying to secure his Chirpstack server so he can expose it to the internet and reach it over WAN. You are just trying to forward MQTT events to another broker.
Respectfully, I suggest you research more into the documentation and previous forum posts. All the information you need is already there, and these questions show a gap in your understanding of these systems.
This only gives an certificate if you have already followed the TLS guide for securing MQTT. Read this: Stop using MQTT integration by default on each application
But for your use case I don’t even think you need TLS if your Pi and PC are both on a local network.
You can always subscribe to your MQTT broker and retrieve the packets, the only reason to do the “integration button” (which is not an integration just a TLS option) above is it gives you one way to secure access to your MQTT broker, which by default has no restriction on who can subscribe to what
Also an MQTT broker does not subscribe, that is what a client does. So either you use the integration in your chirpstack.toml to send the messages to another broker, or you make whatever application you would have on your external PC subscribe to Chirpstacks MQTT broker.
Sure, but technically it should be “Chirpstack” not “Integration” in the box sending to the external MQTT broker.
The guide literally shows you how to generate the certificates. Personally though I use openssl for certificate generation. But in my own Chirpstack deployment I am not using these self signed certificates at all. Instead I use a reverse proxy Traefik as I suggested to sandeep.