I can create CA.crt of self signed by using the below commands,
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt
But we got the original valid TLS certificates from the third party,
should I need to generate CA certificate manually or should I ask the third party owner to generate CA certificate to my TLS certificates?