Certificates and Service Accounts in Kubernetes Cluster

Asking for help? Comment out what you need so we can get more information to help you!

Cluster information:

Kubernetes version: 1.23.6
Cloud being used: bare-metal
Installation method:
Host OS: Linux

Hi Team,

I wanted to understand how the ca certificate in the kubernetes cluster is created / generated when a new cluster is brought up ?. Is there any document or guide which explains this ca certificate generation for a new kubernetes cluster.

Also whenever we create a service account, I see a secret is created which has below fields under the data.
ca.crt, namespace, token
Can someone explain how the data in ca.crt field is populated by kubernetes ?