TN-12.0-U5.1 - Problem config SSL in Minio plugin

MTR10

Cadet
Joined
Apr 19, 2021
Messages
3
hi all,
we have a TrueNAS Core installation running with the S3 service active. This is working great.
Now we want to run an additional S3 service. We accomplished this by creating a jail and install the MinioPlugin. Also this is running well, but the service is reachable via HTTP and we want it to be available as HTTPS.
We followed the instructions as described on the site of Minio (see URLs below).

For us its ok to run it with a self-signed certificate. We used the commands as described in the instructions from minio:
1. generate private key with ECDSA:
openssl ecparam -genkey -name prime256v1 | openssl ec -out private.key

2. generate a self-signed certificate (the openssl.conf is created according the instructions):
openssl req -new -x509 -nodes -days 730 -key private.key -out public.crt -config openssl.conf

3. restart the minion service as also the jail itself.


both private.key and public.crt are in /root/.minio/certs/

Is it necessary to change the firewall rules? Or do we need to add minio rights on the files/folder?
Please advice how to get HTTPS working for the Minion-Plugin.

Thanks in advance,

Mathieu Termeer

 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,456
I just did some work on this; see:

The cert and key need to be in /usr/local/etc/minio/certs, and need to be readable by the minio user. But as far as the firewall, and running more than one instance side-by-side, I don't think I can help there.
 

MTR10

Cadet
Joined
Apr 19, 2021
Messages
3
Thank you for you're response. We didn't go through with the configuration. I will close the case.
 
Top