2 Dead Rancher clusters due to expired certificates (Rancher 2.2.4)

OK yes this isnt my first post on the subject regretfully currently one after the other rancher cluster is failing with the same errors.

We are hitting the issue that the certificatesa are expiring and a simple rke cert rotate does not fix this, for what ever reason.

So after lost of trial and error I am now at a point that I have done a rke up after deleting my /etc/kubernetes folder on my clusters and that brings up some of cluster again but I am stuck at the kube-apiserver not working right with error :
authentication.go:65] Unable to authenticate the request due to an error: [invalid bearer token, [invalid bearer token, square/go-jose: error in cryptographic primitive]]

Which is preventing all further kuberneteas/rancher service from becominig available

So my question is simply how to fix this if there is now way to interact with the cluster other then RKE (kubectl logiclly doesnt work as none of the web/api services come up)

So simply put is there a way to recover from this status ?

If you deleted /etc/kubernetes I think you are out of luck. Can you recover the deleted folder? You need /etc/kubernetes/ssl

I have exactly the same problem with 2.5-head.
I’m stuck since weeks now!!