3

I followed this documentation, but I can't make my images to be served with HTTPS.

I have the following /etc/default/minio configuration file:

MINIO_ACCESS_KEY="admin"
MINIO_VOLUMES="/usr/local/share/minio/"
MINIO_OPTS="-C /etc/minio --address vps.ovh.net:443 --console-address :9001"
MINIO_SECRET_KEY="secret"

If I specify another port like 9000 instead of 443, this time it works, but the file is served with HTTP:

http://vps.ovh.net:9000/images/product/e53b9fde-4df1-4e54-bef4-76cd8c97cdb2.jpg

I have generated the certificates in /etc/minio :

pwd
/etc/minio/certs
ll
rw------- 1 minio-user minio-user 1704 Feb  3 11:05 private.key
-rw-r--r-- 1 minio-user minio-user 5522 Feb  3 11:05 public.crt

Any ideas or tips?

COil
  • 239

1 Answers1

8

The documentation you referenced advises placing the certificates under ${HOME}/.minio/certs which is the default path. You have not followed the documentation, but placed them under the path /etc/minio/certs, instead.

If you wish to use that path, you would use --certs-dir /etc/minio/certs in your MINIO_OPTS, as documented in both Network Encryption (TLS) (Default Path vs. Custom Path) & MinIO Server --certs-dir, -S.

It seems that with -C /etc/minio you have tried to do this using a deprecated parameter:

Important:

MinIO Server RELEASE.2023-12-09T18-17-51Z removes the deprecated --config-dir | -C parameter. Deployments using this flag may start without TLS enabled. Replace those parameters with --certs-dir | -S and restart to re-enable TLS.

That is exactly what happened.

Esa Jokinen
  • 52,963
  • 3
  • 95
  • 151