Minio S3

Reading Time: 3 minutes

Last updated: 5/10/2024

MiniIO is a S3 High performance Object Storage server released under GNU. It is capable of replication and load balancing to provide a high degree of performance and reliability.

In this section we will discuss 3 things.

The Minio S3 Server.
The Minio S3 Client
The AWS Client

Cyberduck – A long standing file exchange client.
Filezilla Pro – As of 2021 there may very well be a problem with Filezilla Pro. It appears to be focused on connecting to AWS Regions. I do not know if this problem persists.

Install Minio

HOW to use SSL

There are a number of ways to create a SSL. In this instance we are going to explore the use of a utility called certgen which is provided for from a minio GIT repository. We could have just as easily have used OpenSSL. We could have used or created a certificate using “Let’s Encrypt” or using Python and the Cryptography module.


git clone

Now GO is not my language of choice. I have only used it to explore the language. So it might be the case that you will need to install parts of the GO development library in order to create a workable version of “certgen”. I will take a slight pause at the fact that the MinIO binary was provided for us.

To install “go” in ubuntu you can do the following:

snap install go --classic

So it should be installed. We can see what version we are using by inquiring about the version/release.

root@node:/home/user/certgen# go version
go version go1.16.7 linux/amd64

Now it’s time to build it.

export GOPATH=/home/user/certgen
go build certgen.go

Now that we have built the command we can use it to create a self signed cert with an IP Address.

root@node:/home/user/certgen# ./certgen --host
2021/09/26 14:10:47 wrote public.crt
2021/09/26 14:10:47 wrote private.key

The cert will be of the form:

Version V3
Signature hash algorithm: SHA256
Public Key: RSA (2048 Bits)
Subject: Acme Co
Subject Alternative Name: IP Address =
Basic Contstraings:
Subject Type=End Entity
Path Length Contraint=None

Now we can copy these over more useful location:
I choose /root/minio/certs because this is listed as the default directory.

cp private.key /root/.minio/certs
cp public.crt /root/.minio/certs

NOTE: If Minio learns it can use uses certs it will launch the portal to use HTTPS instead of HTTPS.

Now we can:

./minio server /mnt/storage

This assumes that in the /mnt directory you have create a folder named storage
Perhaps you have mounted another disk or storage system to this


We might want to use the Minio CLI. To get this we simply

$ wget

<no discussion of the mc client is listed here.>


Alternatively we might can use the AWS CLI.

C:\Users\User>aws --endpoint-url s3 ls test
2021-09-26 08:37:09 13073 Untitled.png
2021-09-26 09:26:09 3 test.txt

In this cheesy example we will pretended that I created an access_key and secret_key of ec2-user.

aws configure set access_key ec2-user
aws configure set secret_key ec2-user

To list the AWS configuration information:

C:\Users\>aws configure list
Name Value Type Location
---- ----- ---- --------
profile None None
access_key user shared-credentials-file
secret_key user shared-credentials-file
region None None

If you want to use SSL and not have to specify the –no-verify-ssl option, then you need to set the AWS_CA_BUNDLE environment variable. I will come back and visit this as I was not able to snap my fingers and get this to work.

aws --no-verify-ssl --endpoint-url s3 ls
aws --no-verify-ssl --endpoint-url s3 ls s3://test

Let’s Build a Service File:

It may be the case that you will want to install this as a service. For a linux based system the easiest way to do this might be to simply create an entry for the service.

cat <<EOF | sudo tee /etc/systemd/system/minio.service

ExecStart=/home/user/minio server /mnt storage


Time to reload the daemon; start the service and then inquire as to its status.

sudo systemctl daemon-reload
sudo systemctl start minio.service
sudo service minio status


This entry was posted in AWS, S3, Storage. Bookmark the permalink.