1
0
mirror of https://github.com/minio/minio.git synced 2025-01-27 06:33:18 -05:00
Commit Graph

29 Commits

Author SHA1 Message Date
George Tsatsis
e8176fe978
Use -new during OpenSSL certificate generation ()
As per https://stackoverflow.com/a/3758443/8156177, OpenSSL expects a certificate via STDIN. 
`-new` will allow a new certificate to be generated instead.
2021-01-11 02:24:50 -08:00
Anis Elleuch
fe11e9047d
deprecate CommonName from TLS docs ()
CommonName is not supported anymore in Go 1.15

fix the TLS documentation to use subjAltNames
2020-12-02 10:18:39 -08:00
Justin Clift
5e15b0b844
fix misspelling of Certbot () 2020-05-26 08:56:50 -07:00
Arthur Lutz
da87188ff8
fix: tls doc markdown title () 2020-04-29 12:28:45 -07:00
Julio Pintos
3b05e175d7 fix link to let's encrypt doc () 2019-09-23 23:53:11 +05:30
Andreas Auernhammer
219d841496 remove encryption key section for certtool docs ()
This commit removes the encryption key section from
the certool.exe docs because:
 - MinIO does not support any TLS cipher that encrypts
   something with the private key. We only support PFS
   ciphers.
 - The doc comment is not really accurate anyway.
2019-06-21 10:39:02 -07:00
Harshavardhana
0c16b1c9a7 Fix docs.min.io linking issues () 2019-05-30 17:19:25 -07:00
parnigot
ba76cd3268 Minor TLS documentation improvements ()
Added the explicit name for private.key and public.crt
2019-04-29 12:56:34 -07:00
kannappanr
5ecac91a55
Replace Minio refs in docs with MinIO and links () 2019-04-09 11:39:42 -07:00
Harshavardhana
e82dcd195c Deprecate config-dir bring in certs-dir for TLS configuration ()
This PR is to provide indication that config-dir will be removed
in future and all users should migrate to new --certs-dir option

Fixes 
Fixes 
2019-01-02 10:05:16 -08:00
James Neiman, President
950b4ad9af Update to How to secure access to Minio server with TLS () 2018-12-04 17:30:39 -08:00
Eco
3457e504cf Spelling changes and fixed link () 2018-10-17 10:55:55 -07:00
Nitish Tiwari
b16e33bcf5 Fix Kubernetes TLS doc to avoid creating CAs dir on read only mount () 2018-07-31 10:58:34 -07:00
Nitish Tiwari
5afd856355 Update Kubernetes TLS doc with info for distributed setups ()
Also, add details on how to create wildcard self-signed certificates
using openssl
2018-05-23 20:41:25 -07:00
Acid Chicken (硫酸鶏)
483fe4bed5 Fix typo () 2018-05-22 08:09:30 +05:30
rawipfel
1cf381f1b0 handle Kubernetes read-only secrets () 2018-05-18 10:31:11 +05:30
Andreas Auernhammer
21a3c0f482 disable elliptic curves P-384 and P-521 for TLS. ()
This change disables the non-constant-time implementations of P-384 and P-521.
As a consequence a client using just these curves cannot connect to the server.
This should be no real issues because (all) clients at least support P-256.

Further this change also rejects ECDSA private keys of P-384 and P-521.
While non-constant-time implementations for the ECDHE exchange don't expose an
obvious vulnerability, using P-384 or P-521 keys for the ECDSA signature may allow
pratical timing attacks.

Fixes 
2018-04-24 15:47:30 -07:00
Nitish Tiwari
4a4d1d1b82 Add Minio TLS configuration doc for Kubernetes deployment () 2018-03-12 14:22:23 -07:00
Andreas Auernhammer
889dd387f1 [doc] fix openssl command for ECDSA key generation ()
This change fixes the command for generating ECDSA private keys.
The current command produces private key files which cannot be parsed
by the server.

Fixes 
2018-03-08 15:06:42 -08:00
Andreas Auernhammer
09a9002f12 add documentation about PKCS-8 encrypted RSA keys ()
This change adds documentation about PKCS-8 vs PKCS-1 pitfalls. It 
also provides a command to convert encrypted PKCS-8 RSA keys to 
encrypted PKCS-1 RSA keys.

Fixes 
2018-01-27 09:30:02 +05:30
Andreas Auernhammer
b85c75996d add support for encrypted TLS private keys ()
This change adds support for password-protected private keys.
If the private key is encrypted the server tries to decrypt
the key with the password provided by the env variable 
MINIO_CERT_PASSWD.

Fixes 
2018-01-05 13:18:08 +05:30
Nitish Tiwari
0c73c81919
Cleanup TLS setup document ()
Fixes 
2017-11-28 15:15:50 +05:30
Anis Elleuch
e31e2c3bc2 doc: Explain how to create certificate chain file ()
public.crt needs sometimes to have a chain certificate, this PR
explains how to construct public.crt when certificate are issued
by a certificate authority.
2017-04-02 04:47:56 -07:00
koolhead17
80b83a51a3 Docs: Fix for Self signed certificate. () 2017-03-23 08:20:39 -07:00
Pawan Rawal
1396e91dd1 Update link for downloading minio server. ()
This and the link for downloading Minio server at other places in the docs seems to be broken. I suppose this happened while updating the name of the page (which updated the url) in Doctor docs. 
Might be nice for Doctor to update internal links if the name of a page is changed in a background job.
2017-03-19 18:26:23 -07:00
Dee Koder
c6e76160ad Update README.md 2017-02-14 14:20:29 -08:00
Harshavardhana
cf558ff6d1 docs: Fix TLS doc to be docs.minio.io compatible 2017-01-28 22:46:29 -08:00
Harshavardhana
5af7bd6a01 docs: Fix a typo in TLS doc description 2017-01-28 22:41:52 -08:00
Harshavardhana
73f4f29110 docs: Restructure docs, move the files to their relevant location. ()
Also combines windows TLS docs with single doc with Linux.
2017-01-28 19:45:30 -08:00