This page describe how to manage MicroK8s. If a case is not documented in this page, it is possible to browse the official documentation.

Renew the TLS certificates of the cluster

The TLS certificates of a MicroK8s cluster expire after a year. The following steps describe how to renew these certificates:

  1. Check the expiration of the certificates:

    sudo microk8s refresh-certs -c

    This should produce an output similar to:

    The CA certificate will expire in 3283 days.
    The server certificate will expire in -2 days.
    The front proxy client certificate will expire in -2 days.
  2. Renew the server certificate:

    sudo microk8s refresh-certs --cert server.crt
  3. Renew the front-proxy-client certificate:

    sudo microk8s refresh-certs --cert front-proxy-client.crt


To troubleshoot MicroK8s, please read the dedicated documentation.

Back to top