
Commit d99db63

Update documented default CA lifetime (#592)
* Update documented default CA lifetime

  The actual default was changed in #403, we just forgot to update the docs accordingly.

* Be more precise
1 parent fa422d9 commit d99db63

1 file changed

+1
-1
lines changed

docs/modules/secret-operator/pages/secretclass.adoc

Lines changed: 1 addition & 1 deletion
@@ -90,7 +90,7 @@ Native support for customizing certificate lifetimes in Stacklet CRDs might be a
9090

9191
Certificate authorities also have a limited lifetime, and need to be rotated before they expire to avoid cluster disruption.
9292

93-
If configured to provision its own CA (`autoTls.ca.autoGenerate`), the Secret Operator will create CA certificates that are valid for 2 years (`autoTls.ca.caCertificateLifetime`), and initiate rotation once less than half of that time remains.
93+
If configured to provision its own CA (`autoTls.ca.autoGenerate`), the Secret Operator will create CA certificates that are valid for 365 days (≃ 1 year, configurable via `autoTls.ca.caCertificateLifetime`), and initiate rotation once less than half of that time remains.
9494

9595
To avoid disruption and let the new CA propagate through the cluster, the Secret Operator will prefer using the oldest CA that will last for the entire lifetime of the issued certificate.
9696
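Review bot: The new line 93 still hard-codes the default ("365 days") in prose, which is how the docs drifted from the code after #403 according to the commit message; consider a comment next to the default in the code pointing at this paragraph, or a doc attribute for the value, so the two change together. On the same line, the parenthetical mixes an approximation with the configuration key ("≃ 1 year, configurable via `autoTls.ca.caCertificateLifetime`"); splitting it into "365 days (about 1 year)" plus a separate clause for the setting reads more cleanly, and an example value in the format the setting accepts would help. Since rotation starts "once less than half of that time remains", the shorter default means rotation now begins with roughly 182 days left instead of about a year, and the unchanged line 95 says the operator picks the oldest CA that covers the whole lifetime of the issued certificate, so it would be worth stating here how long an issued certificate can be under the default before that rule forces the newer CA.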
