一、RKE证书过期

官网：轮换证书 https://docs.rancher.cn/docs/rancher2/cluster-admin/certificate-rotation/_index/

Rancher-K8S 轮换证书 https://www.xtplayer.cn/rancher/rotate-cert/ 证书过期导致Rancher无法打开UI的问题 https://www.mayanpeng.cn/archives/120.html

二、K3S证书过期

超稳攻略！Rancher 2.3手动轮换证书，保护集群安全！ https://www.cnblogs.com/rancherlabs/p/14070114.html k3s证书轮转验证 http://kingsd.top/2020/07/01/k3s-cert-rotary/

k3s安装的rancher登录界面报错：

Get "https://10.43.0.1:443/apis/management.cattle.io/v3/settings/ui-pl?timeout=15m0s": x509: certificate has expired or is not yet valid: current time 2022-01-19T03:58:43Z is after 2021-12-19T13:52:44Z

K3S证书过期： 下面内容参考：http://kingsd.top/2020/07/01/k3s-cert-rotary/ 查看证书过期时间：

for i in `ls /var/lib/rancher/k3s/server/tls/*.crt`; do echo $i; openssl x509 -enddate -noout -in $i; done

1、时间修改为 2022-01-09 22：12：00

/var/lib/rancher/k3s/server/tls/client-admin.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-auth-proxy.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-ca.crt
notAfter=Dec 17 13:43:20 2030 GMT
/var/lib/rancher/k3s/server/tls/client-cloud-controller.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-controller.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-k3s-controller.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-kube-apiserver.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-kube-proxy.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/client-scheduler.crt
notAfter=Dec 19 13:52:37 2021 GMT
/var/lib/rancher/k3s/server/tls/request-header-ca.crt
notAfter=Dec 17 13:43:20 2030 GMT
/var/lib/rancher/k3s/server/tls/server-ca.crt
notAfter=Dec 17 13:43:20 2030 GMT
/var/lib/rancher/k3s/server/tls/serving-kube-apiserver.crt
notAfter=Dec 19 13:52:37 2021 GMT

可以确认 k3s集群的过期时间为Dec 19 13:52:37 2021 GMT 解决办法：参考上面链接， 再补充一点， 在重启service k3s restart，登录rancher后，会有报错，提示已存在的名称，在命令下用crictl ps -a 命令查看，并删除状态为exted的pod（crictl rm cid），秒等片刻，即可正常启动rancher成功。