Istio 1.3.3 Failed to fetch public key from "https://url/jwks.json": Get https://xxx/jwks.json: x509: certificate signed by unknown authority

We are using Policy as below to make authentication. The policy is getting applied and gives Unauthorized request but even with proper token its not able to authenticate when we checked the logs we found that the Pilot is giving the error as below :

Failed to fetch public key from “https://url/jwks.json”: Get https://xxx/jwks.json: x509: certificate signed by unknown authority

Based on the we observed ISTIO not aware of the certificate and didn’t use that certificate to fetch the jwks.json. Need help to make ISTIO aware of this certificate to get the jwks.json

Policy:

image

jwksuri is internal one and not a public OIDC provider end point

Is there a way to make Pilot aware of the cert so that it can connect and pull the jwks.json public key?

Any help will be appreciated Thank you

Anyone encountered this and can help me ?