CA cert to validate external Vault HTTPS endpoint

Hi Team,
I am using vault-agent-sidecar to retrieve secrets from External Vault Server. The Server is listening on HTTPS endpoint and is signed by well-known CA.

In this case, does the client side annotation should still have annotation of which point to CA bundle or it can be optional here.

from Agent Sidecar Injector Annotations | Vault | HashiCorp Developer, it has just one liner explaination.

Please clarify.