# Enable SSL Certificate Container accessible on S3 Protocol Containers on S3 are accessible via HTTP by default. To enable data encryption, you can add an SSL Certificate. ### Self-Signed Certificate #### **Preamble** We consider in this example the following parameters * Certificate validity period of key SSL is **365 days** * Private key file name is **"private.key"** * Certificate file name is **"public.crt"** * Server IP address is **"10.x.x.x"** #### **Creation of the self-signed certificate** ```bash $ cd /root/.minio/certs/ $ sudo openssl11 req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes -keyout ./private.key -out ./public.crt -subj "/CN=nodeum.domain.local" - addext " subjectAltName=DNS:nodeum.domain.local,DNS:localhost,IP:0.0.0.0,IP:127.0.0.1, IP:10.x.x.x" Generating a RSA private key ................................................................................++++ ................................................................................++++ writing new private key to './private.key' ----- ``` Once done, it's required to restart the MINIO service : 
$ systemctl restart minio
After restarting the Minio service, use this command to verify that the API and Console are secured with HTTPS. {% code fullWidth="false" %} ```bash $ systemctl status minio ● minio.service - MinIO Loaded: loaded (/etc/systemd/system/minio.service; enabled; vendor preset: disabled) Active: active (running) since Thu 2026-04-16 06:56:26 UTC; 29s ago Docs: https://docs.min.io Process: 1569639 ExecStartPre=/bin/bash -c for i in {1..15}; do grep -qs "/mnt/FUSE " /proc/mounts && exit 0; sleep 1; done; echo "FUSE is not mounted after 15 seconds"; exit 1 (code=exited, status=0/SUCCESS) Main PID: 1569642 (minio) Tasks: 53 (limit: 203232) Memory: 54.0M CGroup: /system.slice/minio.service └─1569642 /usr/bin/minio gateway nas /mnt/FUSE Apr 16 06:56:26 nodeum systemd[1]: Starting MinIO... Apr 16 06:56:26 nodeum systemd[1]: Started MinIO. Apr 16 06:56:26 nodeum minio[1569642]: Finished loading IAM sub-system (took 0.0s of 0.0s to load data). Apr 16 06:56:26 nodeum minio[1569642]: API: https://nodeum:9000 Apr 16 06:56:26 nodeum minio[1569642]: Console: https://nodeum:9001 Apr 16 06:56:26 nodeum minio[1569642]: Documentation: https://docs.min.io Apr 16 06:56:26 nodeum minio[1569642]: =================================================================================== Apr 16 06:56:26 nodeum minio[1569642]: **** WARNING: MinIO Gateway will be removed by June 1st from MinIO repository ***** Apr 16 06:56:26 nodeum minio[1569642]: Please read https://github.com/minio/minio/issues/14331 Apr 16 06:56:26 nodeum minio[1569642]: =================================================================================== ``` {% endcode %} Ensure that 'https' appears in these lines: ``` Apr 16 06:56:26 nodeum minio[1569642]: Console: https://nodeum:9001 Apr 16 06:56:26 nodeum minio[1569642]: Documentation: https://docs.min.io ```