diff --git a/charts/kube-prometheus-stack/Chart.yaml b/charts/kube-prometheus-stack/Chart.yaml
index 687d5632c30b..08a090a0946d 100644
--- a/charts/kube-prometheus-stack/Chart.yaml
+++ b/charts/kube-prometheus-stack/Chart.yaml
@@ -31,7 +31,7 @@ name: kube-prometheus-stack
 sources:
   - https://github.com/prometheus-community/helm-charts
   - https://github.com/prometheus-operator/kube-prometheus
-version: 77.11.0
+version: 77.11.1
 # renovate: github=prometheus-operator/prometheus-operator
 appVersion: v0.85.0
 kubeVersion: ">=1.25.0-0"
diff --git a/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py b/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py
index 9a3aee82c112..2390d078cb21 100755
--- a/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py
+++ b/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py
@@ -221,6 +221,10 @@ def new_representer(dumper, data):
     '$.Values.defaultRules.node.fsSelector': {
         'replacement': '{{ $.Values.defaultRules.node.fsSelector }}',
         'init': ''},
+    # 601200 seconds = 6 days 22 hour. Used as the default threshold for kubeClientCertificateExpira
+    '601200': {
+        'replacement': '{{ .Values.defaultRules.kubeClientCertificateExpiration | default "601200" }}',
+        'init': ''},
 }
 
 # standard header
diff --git a/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml b/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
index 33c873ba65db..f1c7c9417707 100644
--- a/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
+++ b/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
@@ -200,4 +200,4 @@ spec:
         {{- end }}
       {{- end }}
 {{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/kube-prometheus-stack/values.yaml b/charts/kube-prometheus-stack/values.yaml
index f4715a347ce2..df0d694cd49f 100644
--- a/charts/kube-prometheus-stack/values.yaml
+++ b/charts/kube-prometheus-stack/values.yaml
@@ -203,6 +203,11 @@ defaultRules:
     prometheusOperator: true
     windows: true
 
+  # kubeClientCertificateExpiration specifies the lifetime of client certificates.
+  # The value is specified in seconds. 601200 seconds ≈ 6 days 22 hour.
+  # This value is chosen to align with the certificate rotation policy.  
+  kubeClientCertificateExpiration: "601200"
+
   # Defines the operator for namespace selection in rules
   # Use "=~" to include namespaces matching the pattern (default)
   # Use "!~" to exclude namespaces matching the pattern