Path to Service Account Key files

In upstream K8s, these exist by default (see service-account-* variables below - ref:

Where (if at all) would the similar sa* files exist in Rancher (if at all) ? If not, what do I need to do to achieve this config. It’s a pre-requisite for Istio / SDS (see

kind: ClusterConfiguration
    service-account-signing-key-file: /etc/kubernetes/pki/sa.key ===> which file in rancher
    service-account-key-file: /etc/kubernetes/pki/ ===> which file in rancher
    service-account-issuer: api
    service-account-api-audiences: api,vault,factors