The maas-ca certificate is something that is generated by MAAS on startup and it is saved on the database or Vault if the integration is enabled. We introduced this CA in order to create certificates for mTLS communication between Temporal services. We introduced Temporal with 3.5 release.
The CA certificate is copied later in the logic to a specific location inside the snap and it is loaded by Temporal. The path is /var/snap/maas/current/certificates/cacerts.pem. At the same place we store the cluster certificate and key: /var/snap/maas/current/certificates/cluster.{pem,key}
Could you check that the 3 files are placed correctly at this path?