Need to add new CIDR for the existing cluster in RKE

We need to update the CIDR from default to our intra network. i tried to update the cluster.yaml with new CIDR for kube-api and controller but the rke up --update-only command is failed with certificate invalid error. after reading this issue Failed to get /health for host - remote error: tls: bad certificate · Issue #1244 · rancher/rke · GitHub i did remove the existing certs and restart again but still failed.
Can anyone help to update the CIDR here?
service_cluster_ip_range: XX.XX.XX.XX/17
cluster_cidr: XX.XX.XX.XX/17
service_cluster_ip_range: XX.XX.XX.XX/17