The OWASP Top 10 represents a broad consensus about the most common and critical security risks to web applications. It can be used as reference for web application security.
DH key exchange is a critical component in virtually every PKI implementation. Having a working knowledge of what it is and how it works would help in understanding PKI as a whole.
In a cluster setting where TLS mutual authentication is required, it's not uncommon to see client certificates signed by either self-signed root CA or private CA.