diff --git a/content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md b/content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
index 676e5f7643..094b7a767a 100644
--- a/content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
+++ b/content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
@@ -283,7 +283,7 @@ the node identity with an out of band mechanism.
 {{% thirdparty-content %}}
 
 Third party custom controllers can be used:
-- [kubelet-rubber-stamp](https://github.com/kontena/kubelet-rubber-stamp)
+- [kubelet-csr-approver](https://github.com/postfinance/kubelet-csr-approver)
 
 Such a controller is not a secure mechanism unless it not only verifies the CommonName
 in the CSR but also verifies the requested IPs and domain names. This would prevent