Skip to content

externalClientCertSecret is `MinIO Client Certificates`?

Cesar Celis Hernandez edited this page May 12, 2023 · 2 revisions
Screenshot 2023-05-12 at 2 37 00 PM Screenshot 2023-05-12 at 2 37 19 PM
spec:
  externalClientCertSecrets:
  - name: main-storage-d5jzo-external-client-certificate-0
    type: kubernetes.io/tls
  ## Use this field to provide client certificates for MinIO & KES. This can be used to configure
  ## mTLS for MinIO and your KES server. Files will be mounted under /tmp/certs folder, supported types:
  ## Opaque | kubernetes.io/tls | cert-manager.io/v1alpha2 | cert-manager.io/v1
  ## ie:
  ##
  ##  externalClientCertSecret:
  ##    name: mtls-certificates-for-tenant
  ##    type: Opaque
bash-4.4$ pwd
/tmp/certs/client-0
bash-4.4$ ls
client.crt  client.key
apiVersion: v1
data:
  tls.crt: <base64value>
  tls.key: <base64value>
immutable: true
kind: Secret
metadata:
  labels:
    v1.min.io/tenant: main-storage
  name: main-storage-d5jzo-external-client-certificate-0
  namespace: ns-3
type: kubernetes.io/tls
Clone this wiki locally