Recovering from expired control plane certificates
This is from Red Hat Open Course Red Hat OpenShift Container Platform 4 Troubleshooting: Cluster Recovery
Firstly, I used a vm (classroom) to do
[user1@classroom ~]$ export KUBECONFIG=/home/user1/training1/auth/kubeconfig
[user1@classroom ~]$ oc get nodes
Unable to connect to the server: x509: certificate has expired or is not yet valid
Then, I followed document to fix the problem and made sure that all CSRs are already approved.
But I still got the same error message when tried to oc get nodes from that vm.
I doubt whether using temporary kube-apiserver to approve CSRs has nothing to do with the original content of KUBECONFIG in tha vm at all?
If I would like to oc login to the cluster on that vm within valid certificate period, what should I do?