I created a Cluster with 3 Node (HA Setup) and a LoadBalancer in front for rke2 and the k8s api I added the IP of the Loadbalancer to

tls-san

Cluster setup works fine, all 3 nodes are in the k8s cluster.

kubectl get node

does work when using the loaadbalancer IP in my kubeconfig. But when I want to execute a

kubectl logs <pod

I get an error

Error from server: Get "<https://10.0.0.4:10250/containerLogs/kube-system/cilium-9cg2l/cilium-agent?follow=true>": x509: certificate is valid for 127.0.0.1, <publicipv4>, <publicipv6>, not 10.0.0.4

the node has a public and internal interface and it seems the internal ip address is nod added to the kubelet certificate. How can I change this?