Errors encountered in getting started with vault

My configuration file looks like this:

root@docker-agent:~# cat /etc/vault.d/vault.hcl 
cluster_addr  = "https://12.0.0.40:8201"
api_addr      = "https://12.0.0.40:8200"
cluster_name  = "Vault-Test"
disable_mlock = true
ui            = true

listener "tcp" {
  address            = "0.0.0.0:8200"
  tls_cert_file      = "/root/vault/certs.d/vault-cert.pem"
  tls_key_file       = "/root/vault/certs.d/vault-key.pem"
  tls_client_ca_file = "/root/vault/certs.d/vault-ca.pem"
}


storage "raft" {
  path    = "/opt/vault/data"
  node_id = "node-1"

  retry_join {
    leader_tls_servername   = "vault.xxxxx.com"
    leader_api_addr         = "https://12.0.0.40:8200"
    leader_ca_cert_file     = "/root/vault/certs.d/vault-ca.pem"
    leader_client_cert_file = "/root/vault/certs.d/vault-cert.pem"
    leader_client_key_file  = "/root/vault/certs.d/vault-key.pem"
  }
}

When I execute vault status, I get this error:

Error checking seal status: Get "https://127.0.0.1:8200/v1/sys/seal-status": tls: failed to verify certificate: x509: cannot validate certificate for 127.0.0.1 because it doesn't contain any IP SANs

Then I performed the following

export VAULT_ADDR='https://vault.xxxx.com:8200'
export VAULT_CAPATH='/root/vault/certs.d/vault-cert.pem'

It returns the correct result

root@docker-agent:~# vault status  
Key                Value
---                -----
Seal Type          shamir
Initialized        false
Sealed             true
Total Shares       0
Threshold          0
Unseal Progress    0/0
Unseal Nonce       n/a
Version            1.15.6
Build Date         2024-02-28T17:07:34Z
Storage Type       raft
HA Enabled         true

I don’t want to use export at the moment, what should I do?