Is the -e FLEET_SERVER_ES_CA= "/local/server/path/to/volumes/certs/http_ca.crt" really available in the Fleet server? I'd double check in the logs what is happening there.
Alternatively, you could try --fleet-server-es-insecure when working with a self generated CA (see Elastic Agent command reference | Fleet and Elastic Agent Guide [8.11] | Elastic for the background of the command).