When I create a kubernetes cluster I'm getting message as
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
kubeadm init phase upload-certs --upload-certs
to reload certs afterward.
Even if I run the above command when will the new certs expire? Is there any way to set expiration time manually?
Expiry of certificates generated by kubeadm is 365 days. For safety reasons the certificates which are uploaded as secrets into the kubernetes cluster are deleted after 2 hours but that does not mean that the certificates are expired after 2 hours. Certificates will still be valid for 365 days and reside in the file system of the control plane nodes and when you run
kubeadm init phase upload-certs --upload-certs
it will be uploaded again as secret into the Kubernetes cluster.From the docs here you can use below command to check expiration of certificates