Service serving certificates are intended to support complex middleware applications that require encryption. These certificates are issued as TLS web server certificates.
The service-ca controller uses the x509.SHA256WithRSA signature
algorithm to generate service certificates.
The generated certificate and key are in PEM format, stored in tls.crt
and tls.key respectively, within a created secret. The
certificate and key are automatically replaced when they get close to
expiration. The service CA certificate, which signs the service
certificates, is only valid for one year after {product-title} is installed.