Upload the certificates to the config map and get the key hash.
kubeadm init phase upload-certs --upload-certs
Output should look like:
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
<hash>
kubeadm token create --print-join-command
The output will be like this:kubeadm join <cluster_ip>:6443 --token <token_id> --discovery-token-ca-cert-hash sha256:<hash>
Take that output and add the following parameters.
--control-plane --certificate-key <Hash from Step 1>
If you are running Kuberentes 1.24 or just not using Docker you may need to add a command to use your CRI. This is for containerd:
--cri-socket unix:///run/containerd/containerd.sock