diff --git a/roles/kubernetes/kubeadm/defaults/main.yml b/roles/kubernetes/kubeadm/defaults/main.yml
index 1f1169ad738c6c2c99cf1ea89b0006b572ff102c..fb2a02baa2b51452cd21ef154fbeeb25e837e092 100644
--- a/roles/kubernetes/kubeadm/defaults/main.yml
+++ b/roles/kubernetes/kubeadm/defaults/main.yml
@@ -12,7 +12,7 @@ kube_override_hostname: >-
   {%- endif -%}
 
 # Requests a fresh upload of certificates from first master
-kubeadm_etcd_refresh_cert_key: false
+kubeadm_etcd_refresh_cert_key: true
 
 # Experimental kubeadm etcd deployment mode. Available only for new deployment
 etcd_kubeadm_enabled: false