ISTIOCTL throwing handshake error


I have setup istio in my eks cluster, I have enabled auto side car injected and also setup ```
PeerAuthentication as strict, I am having two issues

  1. when I use istioctl I am getting following errror

    unable to retrieve Pods: Get “https://…”: net/http: TLS handshake timeout
    So I cant analyze the mesh

  2. with strict mode on for peerauthentication, I can still talk to otherservices over http and when I use https:// I get following error

    curl -I https://example:3000

     > curl: (60) SSL certificate problem: self signed certificate in certificate chain
    More details here:

    curl failed to verify the legitimacy of the server and therefore could not

    establish a secure connection to it. To learn more about this situation and

how to fix it, any help will be great