The certificates and keys as well as the certificate revocation lists (CRL) stored in the certificate manager are used for authentication and encryption of protected connections and authentication of router accesses.
A CA certificate (or root certificate) is the certificate of a Certificate Authority (CA) that is used to verify all further certificates or keys generated from this certificate authority.
The (public) certificate and the (secret) private key form a key pair together. This must be generated by the same CA for all participants.
The Certificate Revocation List (CRL) serves to describe the invalidity of certificates. It allows to determine whether a certificate has been blocked or revoked.
The static OpenVPN key (PSK, Pre-shared Key) can be used for OpenVPN connections as an alternative to the certificate-based authentication. In this case, the client and the server must have an identical static key to authenticate themselves to each other.