Can't Download SCAP content

Can’t Download SCAP content
Expected outcome:
Download succeded
Foreman and Proxy versions:
Version 3.4.1
Foreman and Proxy plugin versions:
Version 3.4.1
Distribution and version:
RHEL 8.7
Other relevant data:
Hello all,
My foreman server and all associated hosts are RHEL 8.7 i’m trying to setup OpenSCAP in order to retrieve reports.
I think i did everything quite good by setting policies and puppet classes; in facts foreman can install through puppet foreman_scap_client.
If I try to run froma a host:
/usr/bin/foreman_scap_client 1
i get this error:
File /var/lib/openscap/content/b7772a4001f865517e30762c406dee80fdab2100ecc010f4408519a979665f6e.xml is missing. Downloading it from proxy.
Download SCAP content xml from: https://myforemanserver:9090/compliance/policies/1/content/b7772a4001f865517e30762c406dee80fdab2100ecc010f4408519a979665f6e
SCAP content is missing and download failed with error: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)

logs from myforemanserver:
2023-02-10T16:20:13 [E] OpenSSL::SSL::SSLError SSL_accept returned=1 errno=0 state=error: tlsv1 alert unknown ca
/usr/share/ruby/webrick/server.rb:299:in accept' /usr/share/ruby/webrick/server.rb:299:in block (2 levels) in start_thread’
/usr/share/ruby/webrick/utils.rb:263:in timeout' /usr/share/ruby/webrick/server.rb:297:in block in start_thread’
/usr/share/gems/gems/logging-2.3.1/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context’

Also to be fair I don’t really understand how certificates works
Any help would be really appreciate.

Related with this?

Thanks for the info but FIPS mode is disabled on both hosts

Today i updated foreman to 3.5.1 but I still have this error. Can anyone please help me?

Can you download the CA rpm file using https?
wget https://foremanproxy/pub/katello-ca-consumer-latest.noarch.rpm

If not you must have registered the host incorrectly. Can try and install the CA it using http with:
yum -y localinstall --nogpgcheck http://foremanproxy/pub/katello-ca-consumer-latest.noarch.rpm