Certificate Signing Request Approved but Certificate not issued

Install Vault from scratch with HA: true and raft: true but understand I must provide certificate to support connection between pods.
I’ve follow this guide: Standalone Server with TLS | Vault | HashiCorp Developer

But stuck here:

serverCert=$(kubectl get csr ${CSR_NAME} -o jsonpath='{.status.certificate}')

Seem the step before:

 kubectl get csr ${CSR_NAME}
NAME        AGE     SIGNERNAME                                    REQUESTOR                        CONDITION
vault-csr   1m13s   kubernetes.io/kubelet-serving                 kube-admin                 Approved

didn’t finish well - it seems I missed the after-certificate issue - but in my case, it’s only approved and that’s it.

What can be done?