PKI: Error parsing CRL duration of '' when CRL is disabled #17642
Description
Describe the bug
We've recently upgraded Vault from 1.10.3 -> 1.12.
When we went to create a new CA, we received a 500 error.
vault write pki/root/root/rotate/internal <fields>
Error writing data to pki/root/root/rotate/internal: Error making API request.
URL: PUT https://<redacted>/v1/pki/root/root/rotate/internal
Code: 500. Errors:
* 1 error occurred:
* error building CRLs: unable to build CRL for issuer (<issuer>): error parsing CRL duration of
Our CRL is configured as follows:
vault read pki/root/config/crl
Key Value
--- -----
auto_rebuild false
auto_rebuild_grace_period 12h
delta_rebuild_interval n/a
disable true
enable_delta false
expiry n/a
ocsp_disable false
ocsp_expiry 12h
Since the CRL is disabled, should it not be checking the expiry time? I believe that the expiry time should be parsed below the disable check here
To Reproduce
Steps to reproduce the behavior:
We have our CRL disabled and we had the expiry unset (as seen by the above). With the expiry unset (n/a), attempt to rotate the credentials. We've upgraded Vault several times now, so it's possible we have a legacy config. However, if it's possible for the expiry time to be null, then this should be reproducible.
Expected behavior
I expected the rotation to complete without this error, since the CRL is disabled.
Environment:
- Vault Server Version (retrieve with vault status): 1.12
- Vault CLI Version (retrieve with vault version): 1.7.3
- Server Operating System/Architecture:
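The ordering problem the report describes, as an added example that is not part of the original issue and is not Vault's code: `crlConfig` and both function names are hypothetical, and `time.ParseDuration` is assumed as a stand-in for the duration parser. It contrasts parsing the expiry before the disable check with parsing it after, using a constructed config that matches the one shown above (CRL disabled, expiry unset).

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// crlConfig is a hypothetical stand-in for the stored CRL settings in the
// issue; Expiry is empty when the stored value reads back as n/a.
type crlConfig struct {
	Disable bool
	Expiry  string
}

// buildCRLParseFirst mirrors the ordering the issue reports: the expiry is
// parsed before the disable flag is consulted, so a disabled CRL still fails.
func buildCRLParseFirst(cfg crlConfig) (time.Duration, error) {
	d, err := time.ParseDuration(cfg.Expiry)
	if err != nil {
		return 0, fmt.Errorf("error parsing CRL duration of '%s': %w", cfg.Expiry, err)
	}
	if cfg.Disable {
		return 0, nil
	}
	return d, nil
}

// buildCRLCheckDisableFirst applies the ordering the reporter suggests: skip
// expiry handling when the CRL is disabled, and reject an unset expiry only
// when a CRL actually has to be built.
func buildCRLCheckDisableFirst(cfg crlConfig) (time.Duration, error) {
	if cfg.Disable {
		return 0, nil
	}
	if cfg.Expiry == "" {
		return 0, errors.New("CRL is enabled but expiry is unset")
	}
	return time.ParseDuration(cfg.Expiry)
}

func main() {
	legacy := crlConfig{Disable: true, Expiry: ""} // constructed sample config
	_, err := buildCRLParseFirst(legacy)
	fmt.Println("parse first:", err)
	_, err = buildCRLCheckDisableFirst(legacy)
	fmt.Println("disable check first:", err)
}
```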