Create TLS self-signed certificate for MinIO in Kubernetes cluster

11/4/2021

My goal now is to create a TLS certificate for MinIO in my k8s cluster.

Link to MinIO requirements for TLS connection - up to date.

MinIO running through port-forward to get into the service in the cluster.

There is a cert-manager chart installed via Terraform in the cluster, which I want to use for this.

I would be happy to get all info on how to actually create and check the certificate, assign it, and understand the core concepts of a TLS secure connection. Many of the guides I have read/watched so far got me a bit confused.

  • Our k8s is working as Helm charts overall so please be aware not to get into local commands.

  • Those certificates are supposed to be the simplest ones to create and assign. It will be self-signed which means the CA will be part of the cluster itself and not Third Party CA.

  • MinIO service expects public.crt and private.key inside this path: /etc/minio/certs/ or this path: ${HOME}/.minio/certs

values.yaml snippet of TLS configuration:

## TLS Settings for MinIO
tls:
  enabled: true
  ## Create a secret with private.key and public.crt files and pass that here.
  ## Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
  certSecret: "tls-minio"
  publicCrt: public.crt
  privateKey: private.key

## Trusted Certificates Settings for MinIO.
## Ref: https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls#install-certificates-from-third-party-cas
## Bundle multiple trusted certificates into one secret and pass that here.
## Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
## When using self-signed certificates, remember to include MinIO's own certificate in the bundle with key public.crt.
## If certSecret is left empty and tls is enabled, this chart installs the public certificate from .Values.tls.certSecret.
trustedCertsSecret: ""

Ask me for any more info about this.

Thanks!

-- n1vgabay
cert-manager
certificate
kubernetes
minio
tls1.2

0 Answers
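
The setup the question describes (an in-cluster CA issuing a server certificate into the `tls-minio` Secret) can be expressed with cert-manager resources as below. This is an added example, not part of the original post or the MinIO chart; the namespace `minio`, the Service name `minio`, and the Issuer and Certificate names are assumptions.

```yaml
# Added example. Assumed names: namespace "minio", Service "minio".
# 1. Bootstrap issuer: only used to sign the in-cluster CA certificate.
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: selfsigned-bootstrap        # hypothetical name
  namespace: minio
spec:
  selfSigned: {}
---
# 2. The CA itself, stored in the Secret "minio-ca".
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: minio-ca                    # hypothetical name
  namespace: minio
spec:
  isCA: true
  commonName: minio-ca
  secretName: minio-ca
  issuerRef:
    name: selfsigned-bootstrap
    kind: Issuer
---
# 3. Issuer that signs leaf certificates with the CA key from step 2.
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: minio-ca-issuer             # hypothetical name
  namespace: minio
spec:
  ca:
    secretName: minio-ca
---
# 4. Server certificate. cert-manager writes tls.crt, tls.key and ca.crt
#    into the Secret named by certSecret in values.yaml.
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: minio-server                # hypothetical name
  namespace: minio
spec:
  secretName: tls-minio
  dnsNames:                         # must match the names clients connect to
    - minio
    - minio.minio.svc
    - minio.minio.svc.cluster.local
    - localhost                     # for access via kubectl port-forward
  issuerRef:
    name: minio-ca-issuer
    kind: Issuer
```

cert-manager stores the pair under the keys `tls.crt` and `tls.key`, not `public.crt` and `private.key`. Assuming the chart's `publicCrt` and `privateKey` values name the keys inside the Secret (check the chart version in use), they would need to be set to `tls.crt` and `tls.key`, and clients should trust `ca.crt` rather than disable verification.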