kubectl minikube renew certificate

8/30/2021

I'm using kubectl to access the api server on my minikube cluster on ubuntu but when try to use kubectl command I got an error certificate expired:

/home/ayoub# kubectl get pods
Unable to connect to the server: x509: certificate has expired or is not yet valid: current time 2021-08-30T14:39:50+01:00 is before 2021-08-30T14:20:10Z

Here's my kubectl config:

/home/ayoub# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://127.0.0.1:16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: REDACTED
root@ayoub-Lenovo-ideapad-720S-13IKB:/home/ayoub#    /home/ayoub# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://127.0.0.1:16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: REDACTED
root@ayoub-Lenovo-ideapad-720S-13IKB:/home/ayoub#

How I can renew this certificate?

-- e2rabi
kubectl
kubernetes
minikube

2 Answers

3/17/2022

The solution described in this blog solved the problem for me:

https://dev.to/boris/microk8s-unable-to-connect-to-the-server-x509-certificate-has-expired-or-is-not-yet-valid-2b73

In summary:

Run sudo microk8s.refresh-certs then restarting the servers to reboot the microk8s cluster

-- Jacob Aae Mikkelsen
Source: StackOverflow

8/31/2021

Posted community wiki for better visibility. Feel free to expand it.


There is similar issue opened on minikube GitHub.

The temporary workaround is to remove some files in the /var/lib/minikube/ directory, then reset Kubernetes cluster and replace keys on the host. Those steps are described in this answer.

-- Mikolaj S.
Source: StackOverflow