Add SSL/TLS Support to S3
Upgraded to 11 stable train to get S3 / Minio in base (this is a great feature, thanks!); however, I'm not able to make much use of it as it seems to only be available over http.
My FreeNAS web ui is running over https but when I go to the Minio web UI via the UI button in the config I'm redirected out to an HTTP connection on 9000. Digging around I don't see an docs or config options for getting FreeNAS' Minio running over https as such I'm not sure if this is a bug (should pick up settings from admin interface), a feature request (haven't gotten to it yet), or a documentation request.
#1 Updated by Suraj Ravichandran over 3 years ago
- Assignee changed from Suraj Ravichandran to Kris Moore
- Priority changed from No priority to Nice to have
- Target version set to 11.1
@Kris, I do not have any knowledge about minio. Could you please redirect it to the person who added it.
If they need help with just adding the cert foreignkey I can do that part, but the minio config part I have little clue.
#4 Updated by Philon Terving over 3 years ago
I was also testing the S3 capabilities. My Mac clients (Transmit and Cyberduck) always want to connect to S3 via TLS. They don't even have the option to switch to HTTP. While nice for security reasons it does make the minio feature kind of useless.
Checking on the Minio docs, the solution is quite simple. Just put some certs in the right location: https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls.So my workaround:
- ln -s /etc/certificates/my-freenas.crt /usr/local/etc/minio/certs/public.crt
- ln -s /etc/certificates/my-freenas.key /usr/local/etc/minio/certs/private.key
After a restart of the minio service it will automatically pick up the cert and switch to TLS mode. And I guess the typical GUI selection should be the better solution to fix this bug here.