In the KUMA web interface, you can download the following CA certificates:
This certificate is used to authenticate the API server serving the KUMA public API. You can also use this certificate when importing data from MaxPatrol reports.
You can also change this certificate if you want to use your company's certificate and key instead of the self-signed certificate of the web console.
For an installation with the KUMA Core service in a Raft cluster without a balancer, you can download the CA certificate of the REST API to any node, but a secure connection is possible only with the core-1 node. The rest of the nodes return an error. If you want to directly log in with the same certificate to all nodes of the Raft cluster without a balancer, when generating a certificate, you can specify the FQDNs of all KUMA Core nodes in the Raft cluster in the Subject Alternative Names (SAN) field.
This certificate is used for authentication when connecting log sources to passive collectors using TLS, but without specifying your own certificate.
To download a CA certificate:
The certificate is saved to the download directory configured in your browser.