Can you elaborate on what this actual means? What changes and where ? Do you adjust your configuration for this setup somehow ?
The error that Elasticsearch throws seems to indicate either that the ID Token is signed with a different key than the one in certs.json or a different signing algorithm is used so something has changed.