Common_name recommendations for vault agent certs

I’ve noticed that there are very specific recommendations for what the “common_name” value should be for Nomad and Consul (i.e., server.local.consul, etc.). Is there a similar pattern for Vault agents? I have not been able to find anything in the Vault Learn guides, and the PKI setup guide just uses

I’m configuring Vault to use Raft internal storage and Consul service registration, but Vault is the CA for Consul so I can’t rely on Consul for initial hostname resolution.

Thanks in advance,

Specifically, is there a server.dc.vault convention?