In a cribl cloud deployment, what certificate do we use for TLS for syslog?

the documentation for Data Sources, Ports and TLS settings is here:
LogStream Cloud Deployment