A two-node Raft cluster is inadvisable, as if either node fails, the entire cluster will be inoperable.
In general I would discourage people from setting the Raft node ID in the configuration file. If you leave it to Vault to manage, a random UUID will be assigned and stored in the Vault data directory. Setting it in the config file just opens up the possibility of accidentally using the same value on multiple nodes. You cannot easily migrate an existing cluster, but it is something to bear in mind for the future.
@macmiranda The error message that @pascalrobert showed mentioned request forwarding - request forwarding doesn’t use the user-supplied certificate, Vault internally generates its own.
As @Joffrey mentioned, the mystery hostnames beginning with `fw-` in the error message are a pretty solid hint that there is some network interception going on in this environment which is sabotaging the communication.
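
An added example, not part of the post above and not Vault's own tooling: a pre-deployment check that scans each node's config for a pinned `node_id` in the `storage "raft"` stanza and reports values shared by more than one host, plus the number of node failures a given voter count survives. The host names and config texts are constructed, and the regex assumes a raft stanza with no nested blocks.

```python
import re
from collections import defaultdict

# Constructed sample configs, keyed by hypothetical host name.
CONFIGS = {
    "vault-a": 'storage "raft" {\n  path    = "/opt/vault/data"\n  node_id = "node1"\n}\n',
    # Same file copied to a second host without changing node_id.
    "vault-b": 'storage "raft" {\n  path    = "/opt/vault/data"\n  node_id = "node1"\n}\n',
    # node_id omitted: Vault assigns a random UUID and stores it in the data dir.
    "vault-c": 'storage "raft" {\n  path = "/opt/vault/data"\n}\n',
}

# Assumption: the raft stanza has no nested blocks (e.g. retry_join),
# so the first closing brace ends it.
RAFT_BLOCK = re.compile(r'storage\s+"raft"\s*\{(.*?)\}', re.S)
NODE_ID = re.compile(r'^\s*node_id\s*=\s*"([^"]*)"', re.M)


def explicit_node_ids(configs):
    """Map host -> node_id for hosts that pin node_id in their config."""
    found = {}
    for host, text in configs.items():
        block = RAFT_BLOCK.search(text)
        match = NODE_ID.search(block.group(1)) if block else None
        if match:
            found[host] = match.group(1)
    return found


def duplicate_node_ids(configs):
    """Return {node_id: [hosts]} for every node_id used on more than one host."""
    by_id = defaultdict(list)
    for host, node_id in explicit_node_ids(configs).items():
        by_id[node_id].append(host)
    return {nid: sorted(hosts) for nid, hosts in by_id.items() if len(hosts) > 1}


def failure_tolerance(voters):
    """Nodes that can fail while a Raft majority (quorum) remains."""
    quorum = voters // 2 + 1
    return voters - quorum


if __name__ == "__main__":
    print("pinned node_id:", explicit_node_ids(CONFIGS))
    print("duplicates:", duplicate_node_ids(CONFIGS))
    for n in (2, 3, 5):
        print(f"{n} voters tolerate {failure_tolerance(n)} failure(s)")
```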