diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
index 2f90ecbdc..a0332fcf5 100644
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -1112,3 +1112,10 @@ https://github.com/helm/helm/blob/50c22ed7f953fadb32755e5881ba95a92da852b2/pkg/e
 {{- $config | nindent 4 | trim }}
 {{- end -}}
 {{- end -}}
+
+{{/*
+vault internal k8s address
+*/}}
+{{- define "vault.internalAddress" -}}
+{{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}{{- if eq .mode "ha" -}}-active{{- end -}}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
+{{- end -}}
diff --git a/templates/csi-agent-configmap.yaml b/templates/csi-agent-configmap.yaml
index 18cdb04ac..6217d453f 100644
--- a/templates/csi-agent-configmap.yaml
+++ b/templates/csi-agent-configmap.yaml
@@ -21,7 +21,7 @@ data:
 {{- if .Values.global.externalVaultAddr }}
 "address" = "{{ .Values.global.externalVaultAddr }}"
 {{- else }}
- "address" = "{{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}"
+ "address" = "{{ include "vault.internalAddress" . }}"
 {{- end }}
 }
diff --git a/templates/csi-daemonset.yaml b/templates/csi-daemonset.yaml
index aacce0a27..874683e48 100644
--- a/templates/csi-daemonset.yaml
+++ b/templates/csi-daemonset.yaml
@@ -76,7 +76,7 @@ spec:
 {{- else if .Values.global.externalVaultAddr }}
 value: "{{ .Values.global.externalVaultAddr }}"
 {{- else }}
- value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
+ value: {{ include "vault.internalAddress" . }}
 {{- end }}
 volumeMounts:
 - name: providervol
diff --git a/templates/injector-deployment.yaml b/templates/injector-deployment.yaml
index 822e8e41d..7ce48b206 100644
--- a/templates/injector-deployment.yaml
+++ b/templates/injector-deployment.yaml
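Review bot: `vault.internalAddress` branches on `.mode`, but nothing inside the added define sets it, so the `-active` suffix depends on some earlier template having populated `.mode` on the same context. If the helper is reached before that happens, the comparison sees an unset value and an HA release is either handed the non-active Service name or fails to render. Making the helper self-contained removes the ordering dependency, for example a first line `{{- template "vault.mode" . -}}` inside the define, assuming `vault.mode` is the helper that sets `.mode` in this chart (it is not visible in this diff).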
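Review bot: The new `value:` line in csi-daemonset.yaml is emitted as an unquoted plain scalar, while the `externalVaultAddr` branch directly above it quotes its value. The rendered address is a URL today, but an empty or unexpectedly shaped helper result would be retyped or rejected by the YAML parser instead of arriving as a string; `value: {{ include "vault.internalAddress" . | quote }}` keeps both branches consistent. The same unquoted form appears in the injector-deployment.yaml and tests/server-test.yaml hunks.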
@@ -64,7 +64,7 @@ spec:
 {{- else if .Values.injector.externalVaultAddr }}
 value: "{{ .Values.injector.externalVaultAddr }}"
 {{- else }}
- value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
+ value: {{ include "vault.internalAddress" . }}
 {{- end }}
 - name: AGENT_INJECT_VAULT_AUTH_PATH
 value: {{ .Values.injector.authPath }}
diff --git a/templates/tests/server-test.yaml b/templates/tests/server-test.yaml
index 20e2e5a5a..65e6d7f13 100644
--- a/templates/tests/server-test.yaml
+++ b/templates/tests/server-test.yaml
@@ -21,7 +21,7 @@ spec:
 imagePullPolicy: {{ .Values.server.image.pullPolicy }}
 env:
 - name: VAULT_ADDR
- value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
+ value: {{ include "vault.internalAddress" . }}
 {{- include "vault.extraEnvironmentVars" .Values.server | nindent 8 }}
 command:
 - /bin/sh
diff --git a/test/unit/csi-agent-configmap.bats b/test/unit/csi-agent-configmap.bats
index 515e4c84e..df2ea38f1 100644
--- a/test/unit/csi-agent-configmap.bats
+++ b/test/unit/csi-agent-configmap.bats
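Review bot: Nothing in this change documents that `AGENT_INJECT_VAULT_ADDR` now names the `-active` Service in HA mode, which matters once `vault.scheme` resolves to https: the server certificate then has to list `<fullname>-active.<namespace>.svc` as a SAN, or injected agents fail hostname verification. Stating the requirement where the address is built keeps operators from working around that failure by turning verification off. The helper's doc comment in _helpers.tpl is the natural place, e.g. `vault internal k8s address; in HA mode this is the -active Service, so an https server certificate must list <fullname>-active.<namespace>.svc as a SAN`. The same applies to the CSI consumers; whether the chart's certificate guidance already covers that name is not visible in this diff.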
@@ -61,4 +61,26 @@ load _helpers
 . | tee /dev/stderr |
 yq -r '.data["config.hcl"]' | tee /dev/stderr)
 echo "${actual}" | grep "http://vault-outside"
-}
\ No newline at end of file
+}
+
+@test "csi/Agent-ConfigMap: Vault internal addr" {
+ cd `chart_dir`
+ local actual=$(helm template \
+ --show-only templates/csi-agent-configmap.yaml \
+ --set "csi.enabled=true" \
+ --set 'server.ha.enabled=false' \
+ . | tee /dev/stderr |
+ yq -r '.data["config.hcl"]' | tee /dev/stderr)
+ echo "${actual}" | grep "http://release-name-vault.default.svc:8200"
+}
+
+@test "csi/Agent-ConfigMap: Vault internal HA addr" {
+ cd `chart_dir`
+ local actual=$(helm template \
+ --show-only templates/csi-agent-configmap.yaml \
+ --set "csi.enabled=true" \
+ --set 'server.ha.enabled=true' \
+ . | tee /dev/stderr |
+ yq -r '.data["config.hcl"]' | tee /dev/stderr)
+ echo "${actual}" | grep "http://release-name-vault-active.default.svc:8200"
+}
diff --git a/test/unit/injector-deployment.bats b/test/unit/injector-deployment.bats
index 7b2bb5ae9..39b49959e 100755
--- a/test/unit/injector-deployment.bats
+++ b/test/unit/injector-deployment.bats
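Review bot: Both new assertions pass the expected URL to `grep` as a regular expression, so every `.` matches any character and the match succeeds anywhere in `config.hcl`, not only on the `address` setting. A fixed-string match on the whole assignment pins what the test names claim: `echo "${actual}" | grep -F '"address" = "http://release-name-vault.default.svc:8200"'`, and the same with `-active` in the HA test. The diff also switches csi-daemonset.yaml and tests/server-test.yaml to the helper, and no test for those two consumers is visible here.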
@@ -1126,3 +1126,27 @@ EOF
 yq -r '.spec.strategy.rollingUpdate.maxUnavailable' | tee /dev/stderr)
 [ "${actual}" = "1" ]
 }
+
+@test "injector/deployment: internal Vault standalone addr" {
+ cd `chart_dir`
+ local object=$(helm template \
+ --show-only templates/injector-deployment.yaml \
+ --set 'server.ha.enabled=false' \
+ . | tee /dev/stderr |
+ yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
+ local value=$(echo $object |
+ yq -r 'map(select(.name=="AGENT_INJECT_VAULT_ADDR")) | .[] .value' | tee /dev/stderr)
+ [ "${value}" = "http://release-name-vault.default.svc:8200" ]
+}
+
+@test "injector/deployment: internal Vault HA addr" {
+ cd `chart_dir`
+ local object=$(helm template \
+ --show-only templates/injector-deployment.yaml \
+ --set 'server.ha.enabled=true' \
+ . | tee /dev/stderr |
+ yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
+ local value=$(echo $object |
+ yq -r 'map(select(.name=="AGENT_INJECT_VAULT_ADDR")) | .[] .value' | tee /dev/stderr)
+ [ "${value}" = "http://release-name-vault-active.default.svc:8200" ]
+}
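Review bot: `echo $object` is unquoted in both new tests, so the shell word-splits and glob-expands the env array before `yq` reads it; `local value=$(echo "$object" |` avoids that. Declaring and assigning in one `local object=$(...)` statement also discards the pipeline's exit status, so a failed `helm template` only surfaces as an empty-string mismatch in the final `[ ... ]`. Neither test combines `server.ha.enabled=true` with `injector.externalVaultAddr`, the branch shown as context in the template hunk where the `-active` name must not be used.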