Comment 3 for bug 1947265

Hello

I think the problem is that vault charm doesn't seperate root CA pki path and intermediate path.

Please refer to vault tutorial. ( https://learn.hashicorp.com/tutorials/vault/pki-engine )

They are seperating them. pki and pki_int.

So even get_csr overwrite intermediate, they can be recovered by step 2.4(on tutorial)

But in our charm env, we only have charm-pki-local.

When we do get_csr, then it breaks cert, so we need to make signed csr, it doesn't work with step 2.4.
It shows us "stored CA information not able to be parsed" error.