kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve doc on certificates (#12579)

This commit is contained in:
Dario Maiocchi 2019-02-17 16:45:06 +01:00 committed by Kubernetes Prow Robot
parent d521f97eab
commit f156d51ddb
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
View File

@ -23,7 +23,9 @@ You should be familiar with [PKI certificates and requirements in Kubernetes](/d
## Renew certificates with the certificates API
Kubeadm can renew certificates with the `kubeadm alpha certs renew` commands.
The Kubernetes certificates normally reach their expiration date after one year.
Kubeadm can renew certificates with the `kubeadm alpha certs renew` commands; you should run these commands on control-plane nodes only.
Typically this is done by loading on-disk CA certificates and keys and using them to issue new certificates.
This approach works well if your certificate tree is self-contained. However, if your certificates are externally