What do you mean "What TLS key file"? Here is the required TLS cert and key files at the APM server (as shared by your colleague APM agent TLS communication | APM User Guide [8.9] | Elastic)
The screenshot you shared is of the APM Integration policy editor. As I mentioned in the other topic, the APM Integration is not relevant when you're using the ApmServer ECK object kind. On the APM agent TLS communication | APM User Guide [8.11] | Elastic page, the bits about SSL/TLS input settings are only relevant when using the Elastic Agent & Fleet Server to manage APM. So just ignore that, ECK has configured your APM Server with TLS.
What's the use case of each? Any documentation for that!?!
See TLS certificates | Elastic Cloud on Kubernetes [2.10] | Elastic
"The public certificate is stored in a secret named -[es|kb|apm|ent|agent]-http-certs-public."
See also the script I shared above.
Mounted the public apm http cert in my app but to no avail!
Can you please share the deployment/pod spec for your application? I will also try to put together a more complete example tomorrow, including an application instrumented with an APM agent.