From 281bef078177d012f7ccef508fdd6cdc4a6b9a55 Mon Sep 17 00:00:00 2001
From: James Protzman <JNProtzman@gmail.com>
Date: Thu, 27 Oct 2022 10:47:17 -0400
Subject: [PATCH] Default crl expiry (#17693)

Ref: https://github.com/hashicorp/vault/issues/17642
---
 builtin/logical/pki/storage.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/builtin/logical/pki/storage.go b/builtin/logical/pki/storage.go
index bff777c8a9c76..8bdd411497298 100644
--- a/builtin/logical/pki/storage.go
+++ b/builtin/logical/pki/storage.go
@@ -1180,6 +1180,12 @@ func (sc *storageContext) getRevocationConfig() (*crlConfig, error) {
 		result.Version = 2
 	}
 
+	// Depending on client version, it's possible that the expiry is unset.
+	// This sets the default value to prevent issues in downstream code.
+	if result.Expiry == "" {
+		result.Expiry = defaultCrlConfig.Expiry
+	}
+
 	return &result, nil
 }