diff --git a/.github/workflows/kubernetes-ci.yml b/.github/workflows/kubernetes-ci.yml index 84b396cb0b81..ea72fe57144c 100644 --- a/.github/workflows/kubernetes-ci.yml +++ b/.github/workflows/kubernetes-ci.yml @@ -68,20 +68,6 @@ jobs: echo 'KUBERNETES_CLIENT_TOKEN='"${KUBERNETES_CLIENT_TOKEN_CONTENT}" echo 'KUBERNETES_CLIENT_TOKEN_FILE='${KUBERNETES_CLIENT_TOKEN_FILE} - openssl genrsa -out ./t/certs/k8s_mtls.key 4096 - - openssl req -new -key ./t/certs/k8s_mtls.key -config ./t/certs/k8s_mtls_csr.conf -out ./t/certs/k8s_mtls.csr -nodes - - export BASE64_CSR=$(cat ./t/certs/k8s_mtls.csr | base64 | tr -d '\n') - - envsubst < ./t/certs/k8s_mtls_csr.yaml | kubectl apply -f - - - kubectl certificate approve k8s-mtls-csr - - kubectl get csr k8s-mtls-csr -o jsonpath='{.status.certificate}' | base64 --decode > ./t/certs/k8s_mtls.pem - - kubectl get secrets | grep mtls-client | awk '{system("kubectl get secret -o jsonpath=\"{.items[0].data}\" $1")}'| jq -r '."ca.crt"' | base64 -d > ./t/certs/k8s_mtls_ca.pem - kubectl proxy -p 6445 & - name: Linux Install diff --git a/t/kubernetes/discovery/kubernetes.t b/t/kubernetes/discovery/kubernetes.t index 5e818722b69d..365e377b7119 100644 --- a/t/kubernetes/discovery/kubernetes.t +++ b/t/kubernetes/discovery/kubernetes.t @@ -22,7 +22,11 @@ no_root_location(); no_shuffle(); workers(4); -our $apiserver_addr = $ENV{'KUBERNETES_APISERVER_ADDR'}; +system('grep client-cert ~/.kube/config |cut -d" " -f 6 | base64 -d > ./t/certs/k8s_mtls.pem'); +system('grep client-key-data ~/.kube/config |cut -d" " -f 6 | base64 -d > ./t/certs/k8s_mtls.key'); +system('grep certificate-authority-data ~/.kube/config |cut -d" " -f 6 | base64 -d > ./t/certs/k8s_mtls_ca.pem'); + +our $apiserver_addr = $ENV{'KUBERNETES_APISERVER_ADDR'} || "127.0.0.1"; our $token_file = "/tmp/var/run/secrets/kubernetes.io/serviceaccount/token"; our $token_value = eval {`cat $token_file 2>/dev/null`}; our $cert_file = "./t/certs/k8s_mtls.pem"; 
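Review bot: The three added `system(...)` calls at the top of kubernetes.t never check their result, and a shell pipeline reports only the status of its last command (`base64 -d`). A kubeconfig without the expected field therefore leaves empty `k8s_mtls.pem`, `k8s_mtls.key` and `k8s_mtls_ca.pem` files, and the failure surfaces only later as a TLS error, including through the `ssl_trusted_certificate: t/certs/k8s_mtls_ca.pem` line in the `@@ -360` hunk. The extraction also depends on file layout: `grep` matches every cluster and user entry in `~/.kube/config`, `cut -f 6` assumes a fixed indent, and `client-cert` also matches a `client-certificate:` path entry, which would be base64-decoded into garbage. Because this writes the client private key from whichever kubeconfig is active into the working tree under the default umask, I would tighten the umask and fail loudly, and confirm that these generated files are git-ignored. A sketch of the checked version follows.

```perl
# Key material must not be group/world readable while it sits in the work tree.
my $old_umask = umask(0077);
for my $item (
    [ 'client-certificate-data',    './t/certs/k8s_mtls.pem' ],
    [ 'client-key-data',            './t/certs/k8s_mtls.key' ],
    [ 'certificate-authority-data', './t/certs/k8s_mtls_ca.pem' ],
) {
    my ($field, $out) = @$item;
    # head -n 1: take a single entry even if the kubeconfig lists several.
    system("grep '${field}:' ~/.kube/config | head -n 1 | cut -d' ' -f 6 | base64 -d > $out") == 0
        or die "failed to extract $field from ~/.kube/config\n";
    # The pipeline status is only that of base64, so also reject an empty result.
    -s $out
        or die "$out is empty: $field not found in ~/.kube/config\n";
}
umask($old_umask);

our $apiserver_addr = $ENV{'KUBERNETES_APISERVER_ADDR'} || "127.0.0.1";
# … unchanged: $token_file, $token_value, $cert_file …
```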
@@ -360,7 +364,7 @@ deployment: role_data_plane: config_provider: yaml ssl: - ssl_trusted_certificate: ${KUBERNETES_CERTIFICATE_AUTHORITY} + ssl_trusted_certificate: t/certs/k8s_mtls_ca.pem ssl_protocols: TLSv1.2 TLSv1.3 discovery: kubernetes: diff --git a/t/kubernetes/discovery/kubernetes_mtls.t b/t/kubernetes/discovery/kubernetes_mtls.t index 940231faa5fd..df7212c6a878 100644 --- a/t/kubernetes/discovery/kubernetes_mtls.t +++ b/t/kubernetes/discovery/kubernetes_mtls.t @@ -349,13 +349,12 @@ Content-type: application/json --- request GET /queries [ - "first/ns-a/ep:p1","first/ns-a/ep:p2","first/ns-b/ep:p1","first/ns-b/ep:p2","first/ns-c/ep:5001","first/ns-c/ep:5002", - "second/ns-a/ep:p1","second/ns-a/ep:p2","second/ns-b/ep:p1","second/ns-b/ep:p2","second/ns-c/ep:5001","second/ns-c/ep:5002" + "first/ns-a/ep:p1","first/ns-a/ep:p2","first/ns-b/ep:p1","first/ns-b/ep:p2","first/ns-c/ep:5001","first/ns-c/ep:5002" ] --- more_headers Content-type: application/json --- response_body eval -qr{ 2 2 2 2 2 2 2 2 2 2 2 2 } +qr{ 2 2 2 2 2 2 }
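Review bot: In the kubernetes_mtls.t hunk the `second/...` queries and their six expected `2` results are dropped without explanation, so this mTLS case now asserts only on the `first` discovery instance. If `second` is still configured for this test (its config is not visible in the hunk), a regression in that instance's TLS setup would no longer be caught here. If the removal is intentional, a one-line comment above `--- request`, for example `# "second" instance not queried here: <reason>`, would keep the reduced coverage from looking accidental.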