diff --git a/pkg/kubeconfig/kubeconfig.go b/pkg/kubeconfig/kubeconfig.go
index bddee389..55eba4f2 100644
--- a/pkg/kubeconfig/kubeconfig.go
+++ b/pkg/kubeconfig/kubeconfig.go
@@ -65,7 +65,12 @@ func generateKubeconfig(ctx context.Context, c client.Client, clusterName client
 return nil, ErrCertNotInKubeconfig
 }
 
- cfg, err := New(clusterName.Name, endpoint, clientCACert, clientCAKey, serverCACert)
+ httpProxy, err := secret.GetFromNamespacedName(ctx, c, clusterName, secret.HTTPProxy)
+ if err != nil {
+ return nil, errors.Wrap(err, "failed to retrieve HTTPProxy secret")
+ }
+
+ cfg, err := New(clusterName.Name, endpoint, clientCACert, clientCAKey, serverCACert, httpProxy.Data[secret.HTTPProxyKey])
 if err != nil {
 return nil, errors.Wrap(err, "failed to generate a kubeconfig")
 }
@@ -78,7 +83,7 @@ func generateKubeconfig(ctx context.Context, c client.Client, clusterName client
 }
 
 // New creates a new Kubeconfig using the cluster name and specified endpoint.
-func New(clusterName, endpoint string, clientCACert *x509.Certificate, clientCAKey crypto.Signer, serverCACert *x509.Certificate) (*api.Config, error) {
+func New(clusterName, endpoint string, clientCACert *x509.Certificate, clientCAKey crypto.Signer, serverCACert *x509.Certificate, proxyURL []byte) (*api.Config, error) {
 cfg := &certs.Config{
 CommonName: "kubernetes-admin",
 Organization: []string{"system:masters"},
@@ -97,12 +102,12 @@ func New(clusterName, endpoint string, clientCACert *x509.Certificate, clientCAK
 userName := fmt.Sprintf("%s-admin", clusterName)
 contextName := fmt.Sprintf("%s@%s", userName, clusterName)
 
-
 return &api.Config{
 Clusters: map[string]*api.Cluster{
 clusterName: {
 Server: endpoint,
 CertificateAuthorityData: certs.EncodeCertPEM(serverCACert),
+ ProxyURL: string(proxyURL),
 },
 },
 Contexts: map[string]*api.Context{
diff --git a/pkg/secret/const.go b/pkg/secret/const.go
index bb41e88d..d532a7e2 100644
--- a/pkg/secret/const.go
+++ b/pkg/secret/const.go
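Review bot: The added lookup in generateKubeconfig turns a missing `http-proxy-config` secret into a hard failure, so kubeconfig generation would stop for any cluster that has no proxy secret. Unless a proxy is meant to be mandatory, a NotFound result should fall through with an empty proxy value while other errors stay fatal. The sketch below does that with `apierrors.IsNotFound` from k8s.io/apimachinery/pkg/api/errors, which also avoids dereferencing `httpProxy` when nothing was returned. generateKubeconfig begins and ends outside this hunk.

```go
// … unchanged: certificate and key lookups above …
var proxyURL []byte
httpProxy, err := secret.GetFromNamespacedName(ctx, c, clusterName, secret.HTTPProxy)
switch {
case apierrors.IsNotFound(err):
	// No proxy secret: generate a kubeconfig that connects directly.
case err != nil:
	return nil, errors.Wrap(err, "failed to retrieve HTTPProxy secret")
default:
	proxyURL = httpProxy.Data[secret.HTTPProxyKey]
}

cfg, err := New(clusterName.Name, endpoint, clientCACert, clientCAKey, serverCACert, proxyURL)
// … unchanged: error check on New and the rest of the function …
```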
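Review bot: Appending a positional `proxyURL []byte` parameter to the exported `New` breaks every caller outside this diff, and it passes a URL around as raw bytes. Consider leaving `New` unchanged and adding a variant or option for the proxy, or at least taking a `string` so the conversion happens once where the secret is read. The doc comment should also describe the new argument, for example `// proxyURL, when non-empty, is written to the cluster entry's ProxyURL field.` New's body continues outside the hunk.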
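Review bot: `ProxyURL: string(proxyURL)` copies the secret's bytes unvalidated into a kubeconfig whose client certificate carries `system:masters`, so whoever can write that secret decides where administrative API traffic is routed. The server CA is still pinned in the same entry, which should keep the proxy from reading the session, but it can still observe and block connections. Parse the value with `net/url` before building this literal, trim surrounding whitespace such as a trailing newline, and reject anything that is not an absolute URL with an expected scheme. Any userinfo in the URL would be persisted in every generated kubeconfig, so either reject it or document it. The enclosing literal continues outside the hunk.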
@@ -47,6 +47,12 @@ const (
 // FrontProxyCA is the secret name suffix for Front Proxy CA.
 FrontProxyCA Purpose = "proxy"
 
+ // HTTPProxy is the secret name suffix for http Proxy.
+ HTTPProxy = Purpose("http-proxy-config")
+
+ // HTTPProxyKey is the key storing http Proxy.
+ HTTPProxyKey = "http-proxy"
+
 // APIServerEtcdClient is the secret name of user-supplied secret containing the apiserver-etcd-client key/cert.
 APIServerEtcdClient Purpose = "apiserver-etcd-client"
 )
diff --git a/pkg/secret/secret.go b/pkg/secret/secret.go
index 23b10be8..97d0c58b 100644
--- a/pkg/secret/secret.go
+++ b/pkg/secret/secret.go
@@ -43,6 +43,10 @@ func GetFromNamespacedName(ctx context.Context, c client.Reader, clusterName cli
 Name: Name(clusterName.Name, purpose),
 }
 
+ if purpose == HTTPProxy {
+ secretKey.Name = string(purpose)
+ }
+
 if err := c.Get(ctx, secretKey, secret); err != nil {
 return nil, err
 }
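Review bot: The comment on `HTTPProxy` calls it a secret name suffix, but the change to GetFromNamespacedName in pkg/secret/secret.go uses it as the complete secret name. It should read something like `// HTTPProxy is the fixed name of the secret holding the HTTP proxy configuration; it is not prefixed with the cluster name.` `HTTPProxy = Purpose("http-proxy-config")` also departs from the `Name Purpose = "value"` form of the neighbouring constants. `HTTPProxyKey` is an untyped string in a block of Purpose values, so a separate `const` declaration with a comment naming it as the data key inside that secret would be clearer.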
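Review bot: The `purpose == HTTPProxy` special case makes this generic getter look up a fixed secret name instead of `Name(clusterName.Name, purpose)`. Presumably every cluster in the same namespace then shares one proxy secret, and anyone able to write secrets there controls the proxy recorded in all of their admin kubeconfigs. If that sharing is intended, state it in a comment such as `// The HTTP proxy secret is shared per namespace and is not prefixed with the cluster name.`; otherwise keep the cluster-prefixed name. Moving the exception into `Name` or a dedicated getter would keep lookups and any code that creates the secret in agreement. GetFromNamespacedName starts and ends outside this hunk.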