- Documentation
- Kubernetes Blog
- Training
- Partners
- Community
- Case Studies
- Versions
- Release Information
- v1.31
- v1.30
- v1.29
- v1.28
- v1.27
- English
- বাংলা (Bengali)
- 中文 (Chinese)
- Français (French)
- Deutsch (German)
- हिन्दी (Hindi)
- Bahasa Indonesia (Indonesian)
- Italiano (Italian)
- 日本語 (Japanese)
- 한국어 (Korean)
- Polski (Polish)
- Português (Portuguese)
- Русский (Russian)
- Español (Spanish)
- Українська (Ukrainian)
- Tiếng Việt (Vietnamese)
Renew the certificate for the front proxy client
Synopsis
Renew the certificate for the front proxy client.
Renewals run unconditionally, regardless of certificate expiration date; extra attributes such as SANs will be based on the existing file/certificates, there is no need to resupply them.
Renewal by default tries to use the certificate authority in the local PKI managed by kubeadm; as alternative it is possible to use K8s certificate API for certificate renewal, or as a last option, to generate a CSR request.
After renewal, in order to make changes effective, is required to restart control-plane components and eventually re-distribute the renewed certificate in case the file is used elsewhere.
kubeadm certs renew front-proxy-client [flags]
Options
| --cert-dir string Default: "/etc/kubernetes/pki" | |
The path where to save the certificates |
|
| --config string | |
Path to a kubeadm configuration file. |
|
| -h, --help | |
help for front-proxy-client |
|
| --kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. |
|
Options inherited from parent commands
| --rootfs string | |
The path to the 'real' host root filesystem. This will cause kubeadm to chroot into the provided path. |
|
Last modified August 17, 2024 at 3:44 PM PST: update kubeadm reference for v1.31 (88f0080504)