ES 8.2.2 java client keystore loading issue
CODE
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.List;
import javax.net.ssl.SSLContext;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.elasticsearch.client.RestClient;
import co.elastic.clients.elasticsearch.ElasticsearchClient;
import co.elastic.clients.json.jackson.JacksonJsonpMapper;
import co.elastic.clients.transport.rest_client.RestClientTransport;

private void setup() {
    environment.logDebug("ProviderClient.setup-");
    // Cluster host and port are read from the configuration; the HttpHost below is still hard-coded.
    List<List<String>> clstr = (List<List<String>>) environment.getProperties().get("Clusters");
    List<String> cx = clstr.get(0);
    String name = cx.get(0);
    String p = cx.get(1);
    int port = Integer.parseInt(p);
    String cert = environment.getStringProperty("ESCertPath");
    System.out.println("Cert: " + cert);
    String pwd = environment.getStringProperty("AdminPWD");
    String uname = environment.getStringProperty("AdminName");
    String ksPwd = environment.getStringProperty("KeystorePWD");
    String keyPath = environment.getStringProperty("KeyPath");
    Path trustStorePath = Paths.get(keyPath);
    Path caCertificatePath = Paths.get(cert);
    Certificate trustedCa = null;
    try {
        // Read the CA certificate that signed the Elasticsearch HTTP certificate.
        CertificateFactory factory =
            CertificateFactory.getInstance("X.509");
        try (InputStream is = Files.newInputStream(caCertificatePath)) {
            trustedCa = factory.generateCertificate(is);
        }
        // Load the file at KeyPath as a PKCS#12 trust store.
        KeyStore trustStore = KeyStore.getInstance("pkcs12");
        System.out.println("ABC " + keyPath);
        try (InputStream is = Files.newInputStream(trustStorePath)) {
            trustStore.load(is, ksPwd.toCharArray()); // <<< failing here
        }
        trustStore.setCertificateEntry("ca", trustedCa);
        SSLContextBuilder sslContextBuilder = SSLContexts.custom()
            .loadTrustMaterial(trustStore, null);
        final SSLContext sslContext = sslContextBuilder.build();
        BasicCredentialsProvider credsProv = new BasicCredentialsProvider();
        credsProv.setCredentials(
            AuthScope.ANY, new UsernamePasswordCredentials(uname, pwd)
        );
        restClient = RestClient.builder(
                new HttpHost("localhost", 9200, "https"))
            // A second setHttpClientConfigCallback call replaces the first, so the
            // credentials provider and the SSL context are set in a single callback.
            .setHttpClientConfigCallback(hc -> hc
                .setDefaultCredentialsProvider(credsProv)
                .setSSLContext(sslContext))
            .build();
        transport = new RestClientTransport(restClient, new JacksonJsonpMapper());
        client = new ElasticsearchClient(transport);
    } catch (Exception e) {
        e.printStackTrace();
        environment.logError(e.getMessage(), e);
    }
}
NOTE: line 29 above (the trustStore.load call marked "<<< failing here") is where the failure occurs.
LOG
ERROR 2022-06-18 15:04:40,152 [main] - DerInputStream.getLength(): lengthTag=87, too big.
java.io.IOException: DerInputStream.getLength(): lengthTag=87, too big.
at sun.security.util.DerInputStream.getLength(DerInputStream.java:599)
at sun.security.util.DerValue.init(DerValue.java:391)
at sun.security.util.DerValue.<init>(DerValue.java:332)
at sun.security.util.DerValue.<init>(DerValue.java:345)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1938)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.topicquests.es.ProviderClient.setup(ProviderClient.java:108)
at org.topicquests.es.ProviderClient.<init>(ProviderClient.java:77)
at org.topicquests.es.ProviderEnvironment.<init>(ProviderEnvironment.java:26)
at devtests.FirstQueryTest.<init>(FirstQueryTest.java:38)
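
The `lengthTag=87` in the log above means the second byte of the file was 0xD7 (0x80 | 87), so the file handed to `KeyStore.load` does not start like a DER-encoded PKCS#12 container. The following is an added example, not part of the original gist: a small check that classifies a candidate trust store by its leading bytes before it is loaded. The class name `KeystoreSniffer` and the sample headers are constructed for illustration; the Lucene codec magic is included because Elasticsearch's own `elasticsearch.keystore` secure-settings file starts with it.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;

/** Added example: classify a candidate trust store by its leading bytes before KeyStore.load(). */
public class KeystoreSniffer {

    /** Label the container format suggested by the first four bytes. */
    static String classify(byte[] h) {
        if (h.length < 4) return "too short to be a keystore";
        int magic = ((h[0] & 0xFF) << 24) | ((h[1] & 0xFF) << 16)
                  | ((h[2] & 0xFF) << 8) | (h[3] & 0xFF);
        if (magic == 0xFEEDFEED) return "JKS keystore";
        if (magic == 0xCECECECE) return "JCEKS keystore";
        if (magic == 0x3FD76C17) return "Lucene codec file (e.g. elasticsearch.keystore), not a Java keystore";
        if (magic == 0x2D2D2D2D) return "PEM text (\"----\"), read it with CertificateFactory";
        if (h[0] == 0x30) return "DER SEQUENCE, plausibly PKCS#12";
        return "unrecognised";
    }

    /** The lengthTag the JDK's DER reader would reject for byte 2 of the file, or -1 if acceptable. */
    static int rejectedLengthTag(byte[] h) {
        if (h.length < 2 || (h[1] & 0x80) == 0) return -1; // short-form length
        int n = h[1] & 0x7F;                               // long form: count of length octets
        return n > 4 ? n : -1;                             // more than 4 octets is "too big"
    }

    static void report(String label, byte[] h) {
        System.out.printf("%-12s %s (lengthTag rejected: %d)%n",
            label, classify(h), rejectedLengthTag(h));
    }

    public static void main(String[] args) throws IOException {
        if (args.length == 1) { // inspect a real file, e.g. the KeyPath value
            report(args[0], Files.readAllBytes(Paths.get(args[0])));
            return;
        }
        // Constructed sample headers, not taken from any real file.
        report("pkcs12-like", new byte[] {0x30, (byte) 0x82, 0x0A, 0x10});
        report("jks-like", new byte[] {(byte) 0xFE, (byte) 0xED, (byte) 0xFE, (byte) 0xED});
        report("lucene-like", new byte[] {0x3F, (byte) 0xD7, 0x6C, 0x17});
    }
}
```

Run with the `KeyPath` file as the only argument to see which format it actually is; with no argument it prints the three constructed cases, of which the Lucene header yields the same `lengthTag` value, 87, as the log.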