The admin-api documentation shows a cacertificate object. It isn’t clear to me how this is used. It seems that to setup SSL/TLS for requests, only a certificate object is needed. Is cacertificate object only needed for mutual TLS authentication?
Yes.
It is not used anywhere inside open source Kong currently.