From afd5d46a90fd05204d4722d293785c5058c08b48 Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano.cano@gmail.com>
Date: Thu, 4 May 2023 18:30:09 -0700
Subject: [PATCH] Use vaultcas ttl as a duration string

According to docs at thttps://developer.hashicorp.com/vault/api-docs/secret/pki#ttl
the ttl can be sent as a time.Duration string.

Fixes #1375
---
 cas/vaultcas/vaultcas.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cas/vaultcas/vaultcas.go b/cas/vaultcas/vaultcas.go
index c618a0a0..cac49c13 100644
--- a/cas/vaultcas/vaultcas.go
+++ b/cas/vaultcas/vaultcas.go
@@ -215,7 +215,7 @@ func (v *VaultCAS) createCertificate(cr *x509.CertificateRequest, lifetime time.
 			Bytes: cr.Raw,
 		})),
 		"format": "pem_bundle",
-		"ttl":    lifetime.Seconds(),
+		"ttl":    lifetime.String(),
 	}
 
 	secret, err := v.client.Logical().Write(v.config.PKIMountPath+"/sign/"+vaultPKIRole, vaultReq)