The cluster maintains its own certificate authority (CA) to issue certificates for external communication. A self-signed CA is generated during the installation of CDF by default. Pods of the deployed products use the certificates generated by the CA on pod startup. You can change the CA with your own CA (well-known or organization’s root CA) or you can generate a new CA and include the CA to the CDF.
NOTE:Changing the CA after Identity Intelligence deployment will necessitate uninstall and reinstall of the CDF suite. Uninstalling the CDF suite will uninstall all the installed capabilities such as Identity Intelligence, Transformation Hub, and Fusion. As a result, we recommend that you perform this procedure when Identity Intelligence is first installed to avoid downtime and data loss.