Adding MITM inspection CA trust to elastic

Currently looking to install the repository-s3 plugin to elasticsearch. Alas, we get a java SSL error as our firewall is enacting SSL inspection and breaking the chain. In normal operations we just add the firewall cert to the trusted store on whatever distro and carry on as normal. I tried the same on our elasticsearch master node in K8s and it works temporarily. I am guessing there is a different process. To clarify we are not trying to issue admin certs or kibana certs but merely ensure that our firewall inspection cert is trusted by opendistro so it can communicate out to the repository. Has anyone tried to do this or succeeded?