TTL config of SSH engine is not working in UI #6901

Closed
Jamesits opened this issue Jun 18, 2019 · 4 comments
Labels
bug Used to indicate a potential bug ticketed ui

Comments

@Jamesits

Describe the bug
In Vault UI, TTL config in SSH engine is not working.

To Reproduce
Steps to reproduce the behavior:

  1. Open Vault UI
  2. Log in
  3. Enable an SSH engine
  4. Create an SSH role, click on more options, change TTL or Max TTL to some value other than the default 30mins
  5. Click "create role"
  6. Try to sign a key with it
  7. Run ssh-keygen.exe -Lf example.pub to check the actual cert TTL

Expected behavior
Signed cert TTL should be what you set previously.

Actual behavior
Signed cert TTL is 30mins.

Environment:

  • Vault Server Version (retrieve with vault status): 1.1.3
  • Server Operating System/Architecture: Linux/x64

Additional context
A simple HTTP request analysis shows that the ttl and max_ttl fields in the post data are always null no matter what you fill in. This might be the root cause of this problem.
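
Added example, not part of the original issue or of Vault's code: a Python check for step 7 that reads the `Valid:` line from `ssh-keygen -L` output and compares the certificate lifetime with the TTL set on the role. The sample output is constructed, and the function names and the 60-second tolerance are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of `ssh-keygen -Lf example.pub` output (not from the issue).
SAMPLE = """\
example.pub:
        Type: ssh-rsa-cert-v01@openssh.com user certificate
        Serial: 0
        Valid: from 2019-06-18T10:00:00 to 2019-06-18T10:30:00
        Principals:
                sysadmin
"""

# ssh-keygen prints the validity window as local timestamps without a zone.
VALID_RE = re.compile(r"^\s*Valid:\s*from\s+(\S+)\s+to\s+(\S+)\s*$", re.MULTILINE)
FOREVER_RE = re.compile(r"^\s*Valid:\s*forever\s*$", re.MULTILINE)


def cert_lifetime(keygen_output):
    """Return the validity window as a timedelta, or None if it never expires."""
    if FOREVER_RE.search(keygen_output):
        return None
    m = VALID_RE.search(keygen_output)
    if not m:
        raise ValueError("no 'Valid: from ... to ...' line found")
    start, end = (datetime.strptime(t, "%Y-%m-%dT%H:%M:%S") for t in m.groups())
    return end - start


def ttl_matches(keygen_output, expected, tolerance=timedelta(seconds=60)):
    """True if the cert lifetime is within `tolerance` of the TTL set on the role.

    The tolerance (an assumed value) absorbs clock skew and any backdating
    of the start time by the signer. A cert that never expires never matches.
    """
    life = cert_lifetime(keygen_output)
    if life is None:
        return False
    return abs(life - expected) <= tolerance


if __name__ == "__main__":
    # A role configured with ttl=2h should not yield a 30-minute certificate.
    print("lifetime:", cert_lifetime(SAMPLE))
    print("matches 2h role TTL:", ttl_matches(SAMPLE, timedelta(hours=2)))
```
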

@meirish meirish added the ui label Jun 20, 2019
@tmanninger

Same problem with the pki configuration.
ttl and max_ttl are not saved.

@JakobP

JakobP commented Jul 9, 2019

I reproduced this with an SSH host certificate.

Environment:
Vault Server Version (retrieve with vault status): 1.1.3
Server Operating System/Architecture: CentOS 7

@trolleksii

I have a similar issue with setting TTL for OTP key type in CLI.

Steps to reproduce:

vault login
vault secrets enable ssh
vault write ssh/roles/myrole key_type=otp default_user=sysadmin ttl=10m cidr_list=0.0.0.0/0
vault write ssh/creds/myrole ip=172.19.0.6

Expected behavior:
TTL of the issued OTP should be 10 minutes.

Actual behavior:
TTL of the issued OTP is 768 hours.

Environment:
Vault Server Version: 1.2.3
Server OS: Debian 9

@michelvocks
Contributor

Closing this since #7094 has been merged.
@trolleksii Please open a new issue if you still encounter the same issue. Thanks!
