MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 21:02:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add Vault support for custom CAs directory (#6527)

Browse Source
This commit is contained in:
Harshavardhana
2018-10-01 13:49:10 -07:00
committed by GitHub
parent b4772849f9
commit f163bed40d
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/kms/README.md
View File

@@ -14,7 +14,7 @@ Vault as Key Management System requires following to be configured in Vault
- AppRole based authentication with read/update policy for transit backend. In particular, read and update policy
are required for the generate data key endpoint and decrypt key endpoint.
### Environment variables
### 3. Environment variables
You'll need the Vault endpoint, AppRole ID, AppRole SecretID, encryption key-ring name before starting Minio server with Vault as KMS
@@ -26,6 +26,11 @@ export MINIO_SSE_VAULT_KEY_NAME=my-minio-key
minio server ~/export
```
Optionally set `MINIO_SSE_VAULT_CAPATH` is the path to a directory of PEM-encoded CA cert files to verify the Vault server SSL certificate.
```
export MINIO_SSE_VAULT_CAPATH=/home/user/custom-pems
```
### 4. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the Minio endpoints.