I have setup an issuer for Cert manager that uses hashicorp vault as a PKI backend. What I find curious is that the issuer contains path to the signing endpoint:
spec:
vault:
server: http://vault.ns:8200
path: pki/sign/endpoint
however I do not see any way to configure CRL endpoint. The documentation states:
Besides creation, these certificates can be revoked and removed. I am quite clear on the creation and removal part, however how does one actually revoke certificates? The CA and Self Signed issuers both provide a configuration for CRL endpoint, but this is not the case for Vault.
Thank you!