I refreshed the certificates in the /etc/kubernetes/pki
directory. I manually checked each certificate. They are all valid until January 2025.
Yet, when any client tries to connect to the Kubernetes API Server, it always ends up in :8888/api/v1/cfssl/info\": x509: certificate has expired or is not yet valid
, when it’s obviously not true.
I tried to find a duplicate pki
directory, where some old certificates might be still in use, instead. Nothing found. There is only the /etc/kubernetes/pki
directory. I’m not sure, if there is even a possibility to change this default directory.
The certificates are proven to be not expired and be valid until 2025. How do I make the server realise that?