ElasticSearch self-signed Certificate error

Hi,
On my local ubuntu machine, I am running elasticsearch via docker container:

docker run --name es01 --net elastic -p 9200:9200 -it -m 1GB \
  -e "discovery.type=single-node" \
  -e "network.host=0.0.0.0" \
  docker.elastic.co/elasticsearch/elasticsearch:8.17.2

On the other side, I am running 3 docker containers via docker compose where they are running APIs.
One of the container should access to elasticsearch. Everything is working well with cert_verifs=False. However, with cert_verifs=True and using the default http_ca.crt, I got an error that the certificate is not validate for es01 which makes sense as it validate only for localhost if I understand correctly. I try to create a new certificate and adding the es01 to the dns list using these commands:

elasticsearch-certutil ca --pem --out elastic-stack-ca.zip

elasticsearch-certutil cert --name es01 \
  --dns es01 --dns host.docker.internal \
  --ip 127.0.0.1 \
  --ca-cert path/to/ca/ca.crt \
  --ca-key path/to/ca/ca.key \
  --pem --out es01-cert.zip

I use ca.crt as the certificate and copy it into the docker container that run the API. I added it as well in the ca-certificates by adding this line in the docker file:

COPY  ca.crt /usr/local/share/ca-certificates/ca.crt
RUN update-ca-certificates

However, I still get the famous error:
elastic_transport.TlsError: TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain