minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-07-30 07:03:26 +03:00
Code Activity

fix additional build warnings (#1239)

Browse Source 
Fix more build warnings. This includes removing references to
`MINIO_KMS_KES_ENCLAVE`
This commit is contained in:
Andrea Longo
2024-06-07 14:32:07 -06:00
committed by GitHub
parent b173e7bb6e
commit c30bdaec84
6 changed files with 8 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
source/includes/container/common-minio-kes.rst
View File

@ -103,7 +103,6 @@ This command assumes the ``minio-kes.cert``, ``minio-kes.key``, and ``kes-server
MINIO_KMS_KES_KEY_FILE=/certs/minio-kes.key
MINIO_KMS_KES_CAPATH=/certs/server.cert
MINIO_KMS_KES_KEY_NAME=minio-backend-default-key
MINIO_KMS_KES_ENCLAVE=<name>
MinIO uses the :envvar:`MINIO_KMS_KES_KEY_NAME` key for the following cryptographic operations:
@ -111,14 +110,6 @@ MinIO uses the :envvar:`MINIO_KMS_KES_KEY_NAME` key for the following cryptograp
- Encrypting objects using :ref:`SSE-KMS <minio-encryption-sse-kms>` if the request does not include a specific |EK|.
- Encrypting objects using :ref:`SSE-S3 <minio-encryption-sse-s3>`.
MinIO uses the :envvar:`MINIO_KMS_KES_ENCLAVE` key to define the name of the KES enclave to use.
- Replace ``<name>`` with the name of the :term:`enclave` to use.
- If not defined, MinIO does not send any enclave information.
This may result in using the default enclave for stateful KES servers.
A KES :term:`enclave` isolates its associated keys from other enclaves on a stateful KES server.
The ``minio-kes`` certificates enable for mTLS between the MinIO deployment and the KES server *only*.
They do not otherwise enable TLS for other client connections to MinIO.