When I am signing my cert offline, and then insert the signed cert back into vault, I don’t get the root CA in my ca_chain. I would have expected to be able to add it there, but maybe I shouldn’t? If so, is there another workflow in which I can get the root CA cert and make it available to my clients?