I am enabling smart store on Splunk 7.2.6 with SSE-C. My smart store is working without SSL parameters successfully.

https://docs.splunk.com/Documentation/Splunk/7.2.5/Indexer/SmartStoresecuritystrategies

After adding below configuration to /opt/splunk/etc/_master-apps/_cluster/local/indexes.conf trying to apply the bundle to form clustermaster UI and facing an issue: Bad SSL settings for KMS leading to bad ssl context for volume=remote_store.
I am using AWS role for S3 buket access.

[volume:remote_store]
storageType = remote
path = s3://buket-name
remote.s3.access_key = 
remote.s3.secret_key = 
remote.s3.endpoint = https://s3.us-west-2.amazonaws.com
remote.s3.encryption = sse-c
remote.s3.encryption.sse-c.key_type = kms
remote.s3.encryption.sse-c.key_refresh_interval = 86400
remote.s3.kms.auth_region = us-west-2
remote.s3.kms.key_id = xxxxxxxxxxxxxxxxxxxxxxxx
remote.s3.kms.sslAltNameToCheck = s3.us-west-2.amazonaws.com
remote.s3.kms.sslVerifyServerCert = true
remote.s3.kms.sslVersions = tls1.2
remote.s3.kms.sslRootCAPath = /tmp/s3.us-west-2.amazonaws.com.pem
remote.s3.kms.cipherSuite = ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256
remote.s3.kms.ecdhCurves = prime256v1,secp384r1,secp521r1

My Splunk env is running on AWS EC2 instances.
s3.us-west-2.amazonaws.com.pem is pem cert with root chain included