It was found that the argument RotateKubeletServerCertificate under --feature-gate in the Controller Manager configuration file is not set to true. In case Kubelets get their certificates from the API server, this argument helps both requesting a serving certificate after bootstrapping and rotate their client credentials.
Recommended Mitigation
It is recommended to edit the Controller Manager configuration file on the master node and set the value ""True"" to the --feature-gates=RotateKubeletServerCertificate argument.