Generate Let's Encrypt certificate using Concert for Minio Slack

Let’s Encrypt is a new free, automated, and open source, Certificate Authority.

Concert is a console based certificate generation tool for Let’s Encrypt. It is open source & one of the related project from Minio.

In this recipe, we will generate a Let's Encypt certificate using Concert. This certificate will then be deployed for use in the Minio server.

1. Prerequisites

2. Dependencies

3. Recipe Steps

Step 1: Install concert as shown below.

$ go get -u

Step 2: Generate Let's Encrypt cert.

$ sudo concert gen --dir my-certs
2016/04/04 07:10:01 Generated certificates for under my-certs will expire in 89 days.

Step 3: Verify Certificates.

List certs saved in my-certs directory.

$ ls -l my-certs/
total 12
-rw------- 1 root root  227 Apr  4 07:10 certs.json
-rw------- 1 root root 1679 Apr  4 07:10 private.key
-rw------- 1 root root 3448 Apr  4 07:10 public.crt

Step 4: Set up SSL on Minio Server with the certificates.

The generated keys via Concert needs to be placed inside users home directory at ${HOME}/.minio/certs

$ cp my-certs/private.key /home/supernova/.minio/certs/
$ cp my-certs/public.crt /home/supernova/.minio/certs/

Step 5: Change ownership of certificates.

Let's Encrypt generates the certificate as root, but you can change the ownership to user/group that is supposed to run Minio server.

$ sudo chown supernova:supernova /home/supernova/.minio/certs/private.key
$ sudo chown supernova:supernova /home/supernova/.minio/certs/public.crt

Step 6: Start Minio Server using HTTPS.

Start Minio Server as shown below.

$ ./minio server export/

Step 7: Visit in the browser.