I've verified that adding the internal certs necessary to the file $JAVA_HOME/jre/lib/security/cacerts, which is what was suggested on the Stackoverflow link, works with SSLPoke.

But the vault plugin doesn't seem to use this cert bundle. So I tried making one in the suggested directory on the 3.0.0 release page which is $JAVA_HOME/lib/jre/cacerts and verified the contents work with SSLPoke. But that also doesn't work for the plugin.

I'm willing to send more debugging information if it's needed.