The certificate you have defined in your server configuration on your vault server doesn’t include 127.0.0.1 as one of the valid names in the definition. If you generated the certificate take a look at your crt file to see what names it does have defined.