third party CAs, remember to include Minio's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for Minio's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

volume for MinIO TLS keys and trusted certs */}} {{- define "minio.tlsKeysVolume" -}} {{- if .Values.tls.enabled }} - name: cert-secret-volume secret: secretName: {{ tpl .Values.tls.certSecret $ }} items: - key: {{ .Values.tls.publicCrt }} path: public.crt - key: {{ .Values.tls.privateKey }} path: private.key {{- end }} {{- if or .Values.tls.enabled (ne .Values.trustedCertsSecret "") }} {{- $certSecret := eq .Values.trustedCertsSecret "" | ternary .Values.tls.certSecret .Values.trustedCertsSecret }} {{-...

type: Opaque
data:
  rootUser: {{ include "minio.root.username" . | b64enc | quote }}
  rootPassword: {{ include "minio.root.password" . | b64enc | quote }}
  {{- if .Values.etcd.clientCert }}
  etcd_client.crt: {{ .Values.etcd.clientCert | toString | b64enc | quote }}
  {{- end }}
  {{- if .Values.etcd.clientCertKey }}
  etcd_client.key: {{ .Values.etcd.clientCertKey | toString | b64enc | quote }}
  {{- end }}

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...

third party CAs, remember to include MinIO's own certificate with key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl...