feat: add ca_certificate field in vault-kv relation

[gboutry]

Vault-k8s has been refactored to always have TLS enabled. The CA certificate is needed to validate the vault server's identity.