'Self-signed'
That is the term to focus on.
In general, there is nothing wrong with them, they function the same as a certificate you would procure from a certificate authority. And yes, it is very likely a .x509 certificate.
However, because you are the self-signing party, there is no tool/company, who would trust this type of certificate. And that is a very big part of the encryption process. Why this lack of trust? You are are unknown as a certificate authority. How reliable are you, as in will you be in business long enough to validate a certificate you authorized? What is the business plan? You will never be able to satisfy each of the users, so you won't be able to satisfy the need of any user. That renders them in essence useless.
Or do they?
Well, it isn't hard to install yourself to the list of parties that the operating system trusts as certificate authority. You can repeat that procedure on every computer and now you can use your own self-signed certificates as completely valid. But it will be be for your own network, nowhere else. If this satisfies your use case, then there is no real problem using self-signed certificates.
But, sooner or later, your use-case is likely to change and you wish to share your encrypted zip file with someone outside your network for whatever reason. Well, now you have a big problem. That external user won't install your self-signed certificate, they will likely also have their doubts about possible corruption during transport of your self-signed certificate. So this encrypted date will remain hidden for that external user. Now we're back to your certificates being useless to anyone but you.
And that is kinda the point of certificates, it is intended to be a secure way of transporting trustworthy data between parties that are not part of the same network.
Procuring a certificate from an organization like Let'sEncrypt is usually without cost. But these certificates are 90 days valid and very likely configured for encrypting HTTP connections and nothing else. You can buy certificates for different purposes. Those are usually valid for 1 year, but, depending on their purpose(s), pricey. As in more than 1000 USD per year. But, as you now use a commercial certificate authority, your computer/phone/tablet/etc. will be able to establish a secure communication channel without manual interaction on your end or on the 3rd party's end.
Then there is another problem. But related to certificates in general, not specifically self-signed certificates.
When certificates are generated, there is a validity period involved. The end date of that period...can have some unintended side-effects. Say, you have photos from a closed bedroom event. While those were created with consent of all parties involved, those should never be publicly available. So you use certificates to encrypt the archives from these photos. All is well and good. Until you wish to open those archives for purpose of reminiscence on any date after the certificate's validity period. Chances are that your archived data became unavailable to yourself as well.
You will now keep track of certificate validity periods and re-create archives using updated certificates. If you think making backups of unencrypted data is already a hassle...you'll open Pandora's box when introducing encryption to those processes.
Sure, you can set very long validity periods (10 years is the maximum, if memory serves), but with such a long validity period, you'll undermine the security aspect of certificates in a very big way. One year is about as long as any certificate should be valid. But shorter periods are usually better.
