Istio JWT auth behind corp proxy

I deployed istio on Minikube cluster in Docker Desktop on a Mac. Helm deploys a simple service exposed behind ingress. I deployed a RequestAuthentication resource that points to a jwksUri. When request come in I get denied & I see in logs it fails to fetch from jwks uri (…) due to ‘dns error’. These logs are shown in istiod pod. How do I get this pod to utilize our corp proxy? When I tried to edit the istiod deployment & add in the env HTTPS_PROXY, NO_PROXY, etc it started generating many errors accessing internal services on 10.* and adding that in NO_PROXY did not help.