IPA: pki-tomcatd service start failing with error "UNKNOWN CA"


Issue

  • The pki-tomcatd service fails to start with the error below.
[12/May/2021:15:56:07][localhost-startStop-1]: ldapconn/PKISocketFactory.makeSSLSocket: begins
[12/May/2021:15:56:07][localhost-startStop-1]: SSLClientCertificateSelectionCB: Setting desired cert nickname to: subsystemCert cert-pki-ca
[12/May/2021:15:56:07][localhost-startStop-1]: LdapJssSSLSocket: set client auth cert nickname subsystemCert cert-pki-ca
[12/May/2021:15:56:07][localhost-startStop-1]: PKIClientSocketListener.alertSent: begins
[12/May/2021:15:56:07][localhost-startStop-1]: PKIClientSocketListener.alertSent: got description:48
[12/May/2021:15:56:07][localhost-startStop-1]: PKIClientSocketListener.alertSent: got reason:UNKNOWN_CA
[12/May/2021:15:56:07][localhost-startStop-1]: SignedAuditLogger: event CLIENT_ACCESS_SESSION_ESTABLISH  
[12/May/2021:15:56:07][localhost-startStop-1]: LogFile: event type not selected: CLIENT_ACCESS_SESSION_ESTABLISH
[12/May/2021:15:56:07][localhost-startStop-1]: PKIClientSocketListener.alertSent: CS_CLIENT_ACCESS_SESSION_ESTABLISH_FAILURE
[12/May/2021:15:56:07][localhost-startStop-1]: PKIClientSocketListener.alertSent: clientIP=192.168.122.204 serverIP=192.168.122.204 serverPort=31746 
reason=UNKNOWN_CA
[12/May/2021:15:56:07][localhost-startStop-1]: SignedAuditLogger: event CLIENT_ACCESS_SESSION_ESTABLISH
[12/May/2021:15:56:07][localhost-startStop-1]: LogFile: event type not selected: CLIENT_ACCESS_SESSION_ESTABLISH
org.mozilla.jss.ssl.SSLSocketException: org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: (-8172) Peer's certificate issuer has been  
marked as not trusted by the user.
.
.
Could not connect to LDAP server host ipa-x1.pao.mmracks.internal port 636 Error netscape.ldap.LDAPException: Unable to create socket:     
org.mozilla.jss.ssl.SSLSocketException: org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: (-8172) Peer's certificate issuer has been 
marked as not trusted by the user. (-1)

Environment

  • IPA 4.x
  • Red Hat Enterprise Linux 7
