Aggregated API client certificates are used to authenticate the KubeAPIServer when connecting to the Aggregated API Servers.
These certificates are managed by the system and not the user.
This CA is valid for 30 days.
The managed client certificates are valid for 30 days.
CA and client certificates are rotated automatically through the use of controllers.
You cannot customize the aggregated API server certificates.