ISTIOCTL throwing handshake error

Hi,

I have setup istio in my eks cluster, I have enabled auto side car injected and also setup ```
PeerAuthentication as strict, I am having two issues

  1. when I use istioctl I am getting following errror

    unable to retrieve Pods: Get “https://…
    eks.amazonaws.com/api/v1/namespaces/istio-system/pods?fieldSelector=status.phase%3DRunning&labelSelector=app%3Distiod”: net/http: TLS handshake timeout
    So I cant analyze the mesh

  2. with strict mode on for peerauthentication, I can still talk to otherservices over http and when I use https:// I get following error

    curl -I https://example:3000

     > curl: (60) SSL certificate problem: self signed certificate in certificate chain
    
    More details here: https://curl.se/docs/sslcerts.html
    

    curl failed to verify the legitimacy of the server and therefore could not

    establish a secure connection to it. To learn more about this situation and

how to fix it, any help will be great