Ip2geo install/config issue

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
green cluster of 5 vms running opensearch-2.12.0-1.x86_64
all almalinux 8 - private ips with proxy configured

Describe the issue:
Hi all,

Banging my head against a wall trying to get IP2Geo installed. I’m following the instructions here, When I run the PUT request to create the data source, the operation times out.

To try and diagnose it, I tried accessing the url alone. When I try the url on my (public ip) pc in chrome, the manifest.json file is downloaded. however, if i try the same url with curl or wget, the request is blocked. I’ve googled about setting up IP2Geo locally on the opensearch vms but did not find any information. Any ideas as to what i’m missing…?

Configuration:

Relevant Logs or Screenshots:

curl -k -XPUT --proxy "" --key /etc/opensearch/admin-key.pem --cert /etc/opensearch/admin.pem "https://1.1.1.1:9200/_plugins/geospatial/ip2geo/datasource/my-datasource" -H 'Content-Type: application/json' -d'
> {
>     "endpoint" : "https://geoip.maps.opensearch.org/v1/geolite2-city/manifest.json",
>     "update_interval_in_days" : 3
> }'
curl: (56) OpenSSL SSL_read: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown, errno 0

### to note, i have to include ' --noproxy "" ' for any curl requests to the cluster to work
### still fails if i do not include it
[root@machine man]# wget -d https://geoip.maps.opensearch.org/v1/geolite2-city/manifest.json
DEBUG output created by Wget 1.21.1 on linux-gnu.

Reading HSTS entries from /root/.wget-hsts
URI encoding = ‘UTF-8’
Converted file name 'manifest.json' (UTF-8) -> 'manifest.json' (UTF-8)
--2024-05-03 15:51:37--  https://geoip.maps.opensearch.org/v1/geolite2-city/manifest.json
Certificates loaded: 354
Resolving geoip.maps.opensearch.org (geoip.maps.opensearch.org)... 18.172.89.69, 18.172.89.73, 18.172.89.108, ...
Caching geoip.maps.opensearch.org => 18.172.89.69 18.172.89.73 18.172.89.108 18.172.89.126
Connecting to geoip.maps.opensearch.org (geoip.maps.opensearch.org)|18.172.89.69|:443... connected.
Created socket 3.
Releasing 0x00007fffc989edc0 (new refcount 1).

---request begin---
GET /v1/geolite2-city/manifest.json HTTP/1.1
User-Agent: Wget/1.21.1
Accept: */*
Accept-Encoding: identity
Host: geoip.maps.opensearch.org
Connection: Keep-Alive

---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Fri, 03 May 2024 14:51:37 GMT
Content-Type: text/html
Content-Length: 919
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 4a1d77e109412275a22baab82ca4a7d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN51-P1
X-Amz-Cf-Id: 2392p5Jv9szliC9kGtFbiKuw1BcJDXxG59S1X-cEeSIJgcC4gLXEHQ==

---response end---
403 Forbidden
Registered socket 3 for persistent reuse.
Skipping 919 bytes of body: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="textSkipping 759 bytes of body: [/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent thSkipping 247 bytes of body: [is error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: 2392p5Jv9szliC9kGtFbiKuw1BcJDXxG59S1X-cEeSIJgcC4gLXEHQ==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>] done.
2024-05-03 15:51:37 ERROR 403: Forbidden.