It does sound like one, but it isn’t. Ignoring the differences in UX:

Passkey

• Per-service key pair, unique per domain, Identity bound only to that specific account on that site
• Challengeresponse via WebAuthn
• Trust anchored only in the target service (no external CA)
• Private key sealed in OS / secure hardware keystore

Certificate login

• Single global identity usable across many services
• TLS client authentication with certificates
• Trust established via certificate authorities and chain validation
• Private key stored in exportable file or smartcard

I think OP is talking about auth in services that you selfhost.

For example elster.de forces you to sign in with one of the many passwordless methods, which includes: entering a username and uploading a cert file.

But most selfhosted services only have username/password logins (if any).