k8s certificate inverse solution 1, the k8s profile (kubelet.kubeconfig) in client-certificate-data: copy the contents of 2, echo "client-certificate- data: Content" | Base64 -d> 123.pem . 3, showing the content of the certificate: cfssl-certinfo -cert 123.pem