Vault project for storing private keys

There is RESTful web-service which runs on Tomcat and takes private key from PostgreSQL database to sign some data. I am considering to use Vault project for private key management. As I understand, it stores private key in a selected backend storage using vault write which later can be retrieved with vault read command. Is there any way to make Vault output not a private key but already signed data with specific Java class or other service? How to reduce private key visibility? Any other options?