diff --git a/builtin/logical/pki/backend.go b/builtin/logical/pki/backend.go
index b151e5777..e9f509025 100644
--- a/builtin/logical/pki/backend.go
+++ b/builtin/logical/pki/backend.go
@@ -416,6 +416,12 @@ func (b *backend) updatePkiStorageVersion(ctx context.Context, grabIssuersLock b
 return
 }
 
+ // If this method is called outside the initialize function, like say an
+ // invalidate func on a performance replica cluster, we should be grabbing
+ // the issuers lock to offer a consistent view of the storage version while
+ // other events are processing things. Its unknown what might happen during
+ // a single event if one part thinks we are in legacy mode, and then later
+ // on we aren't.
 if grabIssuersLock {
 b.issuersLock.Lock()
 defer b.issuersLock.Unlock()
diff --git a/changelog/19037.txt b/changelog/19037.txt
new file mode 100644
index 000000000..2ccd65615
--- /dev/null
+++ b/changelog/19037.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+secrets/pki: Revert fix for PR [18938](https://github.com/hashicorp/vault/pull/18938)
+```
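Review bot: The comment added above `if grabIssuersLock {` in builtin/logical/pki/backend.go explains why the lock is taken, but not what a caller passing `false` has to guarantee. Since the stated concern is one event seeing both a legacy and a non-legacy storage version, the comment should spell that contract out, for example `// Callers passing grabIssuersLock=false must already hold b.issuersLock.` This is presumably the initialize path, but the callers are outside this hunk, so confirm before adding it. "Its unknown" should also read "It's unknown". The function body starts and ends outside the hunk, so how long the deferred unlock holds the lock cannot be checked from here.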