HashiCorp Vault PKI provisioning

During provisioning of a subordinate CA certificate to a HashiCorp Vault PKI secrets engine, the driver:

  • Invokes the Vault API to generate the key pair and CSR for the CA.
  • Retrieves the CSR and enrolls it with a CA that supports issuance of subordinate CA certificates, such as Microsoft ADCS.
  • Invokes the Vault API to install the signed CA certificate in the Vault PKI secrets engine. The installed certificate lets the CA issue end-entity certificates through the HashiCorp role.
  • Provisions the role information to Vault. Only role information that was created through the Web SDK can be provisioned to Vault.

To provision, use POST PKI/HashiCorp/CA (for the CA certificate) and POST PKI/HashiCorp/Role (for the role).
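The four steps above map onto Vault's own PKI HTTP API. The following is an added example, not the driver's code or a HashiCorp sample: it assumes the PKI engine is mounted at `pki_int` (an assumption), that the Vault token is supplied in `VAULT_TOKEN`, and that the external CA (Microsoft ADCS in the text) is represented by a callable that turns a CSR into a PEM certificate. The key pair is requested with the `internal` variant of `intermediate/generate`, so the CA private key never leaves Vault; the driver only ever handles the CSR and the signed certificate. `FakeVault` and `fake_external_ca` are constructed stand-ins so the example runs offline and shows the exact call sequence.

```python
"""Subordinate CA provisioning into a Vault PKI secrets engine.

Added example, not the product's driver code. Assumptions: PKI engine mounted
at `pki_int`, token in VAULT_TOKEN, external CA modelled as a callable.
"""
import json
import os
import urllib.request
from typing import Any, Callable, Dict, List, Tuple

# A transport is any callable (method, path, payload) -> decoded JSON body.
VaultCall = Callable[[str, str, Dict[str, Any]], Dict[str, Any]]


def http_vault(addr: str, token: str) -> VaultCall:
    """Real transport against Vault's HTTP API (the /v1 prefix)."""
    def call(method: str, path: str, payload: Dict[str, Any]) -> Dict[str, Any]:
        req = urllib.request.Request(
            f"{addr.rstrip('/')}/v1/{path}",
            method=method,
            data=json.dumps(payload).encode(),
            headers={"X-Vault-Token": token, "Content-Type": "application/json"},
        )
        with urllib.request.urlopen(req, timeout=10) as resp:
            body = resp.read()
        return json.loads(body) if body else {}
    return call


class FakeVault:
    """Constructed stand-in for Vault: records calls, answers like the API."""

    def __init__(self) -> None:
        self.calls: List[Tuple[str, str, Dict[str, Any]]] = []

    def __call__(self, method: str, path: str, payload: Dict[str, Any]) -> Dict[str, Any]:
        self.calls.append((method, path, payload))
        if path.endswith("/intermediate/generate/internal"):
            # Vault returns only the CSR for "internal"; the key stays inside.
            return {"data": {"csr": "-----BEGIN CERTIFICATE REQUEST-----\n"
                                     "FAKECSR\n-----END CERTIFICATE REQUEST-----"}}
        return {}


def fake_external_ca(csr: str) -> str:
    """Constructed stand-in for the external CA (e.g. Microsoft ADCS)."""
    if "BEGIN CERTIFICATE REQUEST" not in csr:
        raise ValueError("not a PEM CSR")
    return "-----BEGIN CERTIFICATE-----\nSIGNED-FAKECSR\n-----END CERTIFICATE-----"


# Restrictive role: names under one domain only, no bare domain, bounded TTL.
EXAMPLE_ROLE: Dict[str, Any] = {
    "allowed_domains": ["internal.example"],
    "allow_subdomains": True,
    "allow_bare_domains": False,
    "enforce_hostnames": True,
    "max_ttl": "720h",
}


def provision_sub_ca(call: VaultCall, mount: str, common_name: str,
                     sign_csr: Callable[[str], str], role_name: str,
                     role: Dict[str, Any]) -> Dict[str, str]:
    """Run the four provisioning steps; returns what left Vault (never a key)."""
    # Step 1: key pair and CSR generated inside Vault ("internal" = key stays).
    gen = call("POST", f"{mount}/intermediate/generate/internal",
               {"common_name": common_name, "key_type": "rsa", "key_bits": 4096})
    csr = gen["data"]["csr"]
    if "BEGIN CERTIFICATE REQUEST" not in csr:
        raise ValueError("Vault did not return a PEM CSR")
    # Step 2: enroll the CSR with a CA that can issue subordinate CA certs.
    signed_cert = sign_csr(csr)
    if "BEGIN CERTIFICATE" not in signed_cert:
        raise ValueError("external CA did not return a PEM certificate")
    # Step 3: install the signed certificate so the engine can issue leaves.
    call("POST", f"{mount}/intermediate/set-signed", {"certificate": signed_cert})
    # Step 4: provision the role that end-entity issuance will go through.
    call("POST", f"{mount}/roles/{role_name}", role)
    return {"csr": csr, "certificate": signed_cert, "role": role_name}


if __name__ == "__main__":
    # Offline run against the constructed stand-ins; swap in http_vault(...)
    # with VAULT_ADDR/VAULT_TOKEN and a real signing callable for live use.
    vault = FakeVault()
    out = provision_sub_ca(vault, "pki_int", "Example Issuing CA",
                           fake_external_ca, "web-servers", EXAMPLE_ROLE)
    for method, path, _ in vault.calls:
        print(method, path)
    print(json.dumps(out, indent=2))
```

The check on the signed certificate before `set-signed` is the place to add whatever validation policy you need (expected issuer, CA basic constraint, path length), since once installed the engine will issue against it; the role's `allowed_domains` and `enforce_hostnames` settings are what keep end-entity issuance scoped.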