Certificate error when creation S3 repository for snapshot

Hi team,

I am trying to create a S3 repository so that I can send snapshot to it and then restore on destination cluster.

I am using elasticsearch 5.2.2 version and have installed equivalent s3 repo plugin.

OS - centos

When I try creating s3 repo using below command:

curl -XPUT 'http://10.173.39.167:9200/_snapshot/repository-s3?verify=false&pretty' -d'
{
  "type": "s3",
  "settings": {
    "bucket": "elasticsearch-snap-bucket",
    "region": "ap-south-1",
    "access_key": "accesskey",
    "secret_key": "secretkey",
    "server_side_encryption": true,
    "protocol": "https"
  }
}'

I end up with below error:-

  "error" : {
    "root_cause" : [
      {
        "type" : "amazon_client_exception",
        "reason" : "amazon_client_exception: Unable to execute HTTP request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
      }
    ],
    "type" : "repository_exception",
    "reason" : "[repository-s3] failed to create repository",
    "caused_by" : {
      "type" : "amazon_client_exception",
      "reason" : "amazon_client_exception: Unable to execute HTTP request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
      "caused_by" : {
        "type" : "i_o_exception",
        "reason" : "sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
        "caused_by" : {
          "type" : "validator_exception",
          "reason" : "validator_exception: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
          "caused_by" : {
            "type" : "sun_cert_path_builder_exception",
            "reason" : "sun_cert_path_builder_exception: unable to find valid certification path to requested target"
          }
        }
      }
    }
  },
  "status" : 500
}

Please help

Steps that I have tried. But without any success. It still throws the same error.

echo -n | openssl s_client -connect s3.ap-south-1.amazonaws.com | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ./cert.crt
keytool -import -alias sthrecerts -file ca_logstash.cer -keystore /usr/java/jdk1.8.0_91/jre/lib/security/cacerts

i m using java 1.8.0_91