I have installed a minio server protected by a certificate issued by letsencrypt to serve as a snapshot repository for my elasticsearch cluster (version 7.17.6). When I try to create the registry (curl -X PUT "localhost:9200/_snapshot/minio-repository" with my endpoint) I get a "unable to find valid certification path to requested target" error.
The closest discussion I could find is S3 Repo plugin failing certificate validation with MiniO, already added cert to Jdk truststore but it is not exactly the same thing and there is no complete answer.
I tried to use this recipe Import Let's Encrypt certificates into Java's trusted keystore (cacerts) · GitHub and simply changed the keystore path to /usr/share/elasticsearch/jdk/lib/security/cacerts and the keytool exe to /usr/share/elasticsearch/jdk/bin/keytool. But it doesn't change a thing.
Is /usr/share/elasticsearch/jdk/lib/security/cacerts the right keystore to add let's encrypt authority certificates ?