For Tumbleweed, you need the openSUSE CA certificate. For Leap 15.3 you will instead need the SUSE CA certificate.
The easiest way that I know, is with a running Tumbleweed on a UEFI box. If you use:
it will export all enrolled certificates to files in the current directory. The file name is the number of that certificate in the list you will see with
If you don’t have an installed Tumbleweed, you can probably do this with running the downloaded live Tumbleweed media. I’m not sure whether “mokutil” is already installed in the live media, but you should be able to install it if needed. You will have to boot that in UEFI mode.
shim package installs certificates in /etc/uefi/certs. Unfortunately it does not name them “openSUSE Secure Boot CA” or similar, names are derived from certificates SHA1 fingerprint. For openSUSE and SLES there should be one certificate XXXXXXXX-shim.crt that is openSUSE/SLES CA. Format is DER. You can verify its name and purpose when importing.
If you have same version of openSUSE on bare metal/VM you should already have this file. You can extract it on basically any Linux without installation using rpm2cpio utility (OK, “any Linux” that supports rpm zstd compression …). Under Windows I usually used 7-Zip to extract files from RPM, unfortunately TW switched to zstd compression method that is not supported by 7-Zip yet, so it no more works. Although there is external project that offers plugins for standard 7-Zip (https://github.com/mcmilk/7-Zip-zstd); I have not tested it so far.
nor do I find any reference how to do this.
Quoting page you yourself referred to:
installed in the same manner as described above.
where “above” refers to detailed screenshots of Windows certificate management tool.
After all, if you install under Windows you are supposed to know how to manage Windows or at least how to find help on Windows management topics.
But in general I agree - there should be easy to find page (ideally referred to from main download resources) that lists certificates and allows to download them.