I’ve set up Vault with a PKI intermediate CA, activated ACME and tuned issued certs to TTL=90d.
This works fine.
When I use ACME with Certbot, the certificates get a validity of only 7 days.
I figured out that this comes from the “default lease TTL” shown on the Dashboard in the Configuration details area.
I set it to ttl=30 days and the newly issued certificates also got this validity period, still ignoring the default_ttl from the PKI role.
How can I solve it? I don’t want to set the default TTL for the “whole system” tokens to 90 days to get certificates valid for 90 days.