Use tidy_revoked_certs instead of tidy_revocation_list (#5608)

builtin/logical/pki/ca_test.go

@@ -509,7 +509,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
 			resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
 				"safety_buffer":      "3h",
 				"tidy_cert_store":    true,
-				"tidy_revocation_list": true,
+				"tidy_revoked_certs": true,
 			})
 			if err != nil {
 				t.Fatal(err)
@@ -530,7 +530,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
 			resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
 				"safety_buffer":      "1s",
 				"tidy_cert_store":    false,
-				"tidy_revocation_list": false,
+				"tidy_revoked_certs": false,
 			})
 			if err != nil {
 				t.Fatal(err)
@@ -551,7 +551,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
 			resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
 				"safety_buffer":      "1s",
 				"tidy_cert_store":    true,
-				"tidy_revocation_list": true,
+				"tidy_revoked_certs": true,
 			})
 			if err != nil {
 				t.Fatal(err)

website/source/guides/secret-mgmt/pki-engine.html.md

@@ -673,7 +673,7 @@ expired and are past a certain buffer period beyond their expiration time.
 To remove revoked certificate and clean the CRL.
 
 ```plaintext
-$ vault write pki_int/tidy tidy_cert_store=true tidy_revocation_list=true
+$ vault write pki_int/tidy tidy_cert_store=true tidy_revoked_certs=true
 ```
 
 #### API call using cURL
@@ -686,7 +686,7 @@ the CRL.
 ```plaintext
 $ curl --header "X-Vault-Token: ..." \
        --request POST \
-       --data '{"tidy_cert_store": true, "tidy_revocation_list": true}' \
+       --data '{"tidy_cert_store": true, "tidy_revoked_certs": true}' \
        https://127.0.0.1:8200/v1/pki_int/tidy
 ```