Skip to content

Renew Kubernetes Cert

Check client cert

Bash
cat ~/.kube/config | grep client-certificate-data | awk '{print $2}' | base64 -d | openssl x509 -text

If your kubernetes certs expired (1 yr is default)

Warning

    Unable to connect to the server: x509: certificate has expired or..

Check and Renew

  • On control plane:

  • Check

Bash
kubeadm certs check-expiration
  • Renew
Bash
kubeadm certs renew all

Reboot control plane