not able to consume API using rest template on production

Question

In a spring boot application trying to consume a POST API using rest template. No issues in personal/localhost environment. But when application is deployed on production it is showing

unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target` error.

below is the code that is running fine at my end..

RestTemplate restTemplate = new RestTemplate();

HttpHeaders headers = new HttpHeaders();
headers.add("Content-Type", MediaType.APPLICATION_JSON_VALUE);

JSONObject obj =new JSONObject();
obj.put("password", "<password>");
obj.put("username", "<username>");
            
ResponseEntity<SimAccessToken> response = null;
HttpEntity formEntity = new HttpEntity(obj, headers);
try {
    response = restTemplate.exchange("https://simapi.icta.mu/icta/auth/login", HttpMethod.POST,
                        formEntity, SimAccessToken.class);
    if(response==null) {
        long l_end_time = System.currentTimeMillis();
        l_diff = l_end_time-l_time_start;
        return  new ResponseEntity<CoreResponseHandler>(new SuccessResponseBeanRefined(HttpStatus.INTERNAL_SERVER_ERROR, ResponseStatusEnum.FAILED, ApplicationResponse.Failed,"sim api access token null",l_diff+" ms"),HttpStatus.INTERNAL_SERVER_ERROR);
    }
    if(response!=null) {
                    
        SimAccessToken simAccessToken = response.getBody();
        if(simAccessToken==null) {
            long l_end_time = System.currentTimeMillis();
            l_diff = l_end_time-l_time_start;
            return  new ResponseEntity<CoreResponseHandler>(new SuccessResponseBeanRefined(HttpStatus.INTERNAL_SERVER_ERROR, ResponseStatusEnum.FAILED, ApplicationResponse.Failed,"sim api access token null",l_diff+" ms"),HttpStatus.INTERNAL_SERVER_ERROR);
        }
        return callSimApi(simAccessToken.getAccessToken(),customerDetail2);
    }
} catch (HttpStatusCodeException ex) {
    System.out.println("Exception...");
    ex.printStackTrace();
    int statusCode = ex.getStatusCode().value();
    String abcObj =ex.getResponseBodyAsString();
    JSONParser parser = new JSONParser();
    JSONObject obj2 = (JSONObject)parser.parse(abcObj);
    System.out.println(obj2.toJSONString());
    long l_end_time = System.currentTimeMillis();
    l_diff = l_end_time-l_time_start;
    return  new ResponseEntity<CoreResponseHandler>(new SuccessResponseBeanRefined(HttpStatus.INTERNAL_SERVER_ERROR, ResponseStatusEnum.FAILED, ApplicationResponse.Failed,obj2,l_diff+" ms"),HttpStatus.INTERNAL_SERVER_ERROR);
}

No issues. I am able to get perfect response with all access token & refresh tokens.

But when this flow is run in production I am getting below error:

org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://simapi.icta.mu/icta/auth/login": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:675)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:622)
        at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:540)
        at com.ekyc.service.EkycServiceImpl.updateCustomerWithSelfie(EkycServiceImpl.java:198)
        at com.ekyc.controller.MainController.process_put_id(MainController.java:51)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
        at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
        at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:854)
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:765)
        at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
        at org.springframework.web.servlet.FrameworkServlet.doPut(FrameworkServlet.java:883)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:663)
        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
       

I don't understand. How do I rectify this issue.

update

I tested the reachability of particular api from production server. It is reachable.

curl --header "Content-Type: application/json" --request POST --data '{"username":"<username>","password":"<password>"}' https://simapi.icta.mu/icta/auth/login

able to get same response. But why am I not able to get this same response from rest template