diff --git a/kubernetes-client-api/src/main/java/io/fabric8/kubernetes/client/Config.java b/kubernetes-client-api/src/main/java/io/fabric8/kubernetes/client/Config.java
index 89ce3f8b599..91e891b7579 100644
--- a/kubernetes-client-api/src/main/java/io/fabric8/kubernetes/client/Config.java
+++ b/kubernetes-client-api/src/main/java/io/fabric8/kubernetes/client/Config.java
@@ -782,18 +782,26 @@ private static void mergeKubeConfigAuthProviderConfig(Config config, AuthInfo cu
 
   private static void mergeKubeConfigExecCredential(Config config, ExecConfig exec, File configFile)
       throws IOException {
-    if (exec != null) {
-      try {
-        ExecCredential ec = getExecCredentialFromExecConfig(exec, configFile);
-        if (ec != null && ec.status != null && ec.status.token != null) {
-          config.setAutoOAuthToken(ec.status.token);
-        } else {
-          LOGGER.warn("No token returned");
-        }
-      } catch (InterruptedException interruptedException) {
-        Thread.currentThread().interrupt();
-        throw KubernetesClientException.launderThrowable("failure while running exec credential ", interruptedException);
+    if (exec == null) {
+      return;
+    }
+    try {
+      ExecCredential ec = getExecCredentialFromExecConfig(exec, configFile);
+      if (ec == null || ec.status == null) {
+        LOGGER.warn("The generated exec credential is null or its content is invalid");
+        return;
+      }
+      if (ec.status.token != null) {
+        config.setAutoOAuthToken(ec.status.token);
+      } else if (ec.status.clientCertificateData != null && ec.status.clientKeyData != null) {
+        config.setClientCertData(ec.status.clientCertificateData);
+        config.setClientKeyData(ec.status.clientKeyData);
+      } else {
+        LOGGER.warn("Both token and certificate are unavailable");
       }
+    } catch (InterruptedException interruptedException) {
+      Thread.currentThread().interrupt();
+      throw KubernetesClientException.launderThrowable("failure while running exec credential ", interruptedException);
     }
   }
 
@@ -898,6 +906,8 @@ public static final class ExecCredentialSpec {
   @JsonIgnoreProperties(ignoreUnknown = true)
   public static final class ExecCredentialStatus {
     public String token;
+    public String clientCertificateData;
+    public String clientKeyData;
     // TODO clientCertificateData, clientKeyData, expirationTimestamp
   }