Can't mount TLS certificate into Vault container using only Docker

I’m new to both Vault and Docker, I was working with Vault with Transport Layer Security disabled, now I want to activate it to be able to query Vault over HTTPS I generated self-signed certificates using Openssl by this command

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365

you can find the explanation Here on Stack.

As explained Hashicorp Vault Discussion volumes must be mounted from local into the container.

First, I have created docker volume and I have manually copied the certifications inside that volume

docker volume create vault-volume

I found in the Documentation that adding --mount source=vault-volume,target=path_inside_the_container is likely to help so here is my command

 sudo docker run  --rm  --name hashicorp_vault --mount source=vault-volume,target=/vault/certs \ 
--cap-add=IPC_LOCk -e VAULT_ADDR=http: \
 -e 'VAULT_LOCAL_CONFIG=$config_placeholder' \

Configuration placeholder

"backend": {
         "file": {
                    "path": "/vault/file"
         "listener": [{
                     "address": "","tls_disable":"0", 
         "api_addr": "",
         "cluster_addr": "",
         "ui": "true"

Now I got this error

Error initializing listener of type tcp: error loading TLS cert: open /vault/certs/cert.pem: no such file or directory

The container doesn’t know about the directory but as I understood that I have mounted it so that it will create it for me

I’m missing things here, I’ll appreciate it for you for any helpful explanation and a solution.

shell into the instance and check the volume, most likely it’s a permission problem. Either the owner or the permissions of the files in the cert mount are wrong.

what should be the permissions of the files ? is there any way to mount the volume when the container is running ?

Whatever the vault user is must have read permission on the file and read and execute permission over the directory.