Banana Pi BPI-M1 – Let’s Encrypt SSL how to use a private key and public certificate with an S3-compatible object storage server with MinIO on Armbian Bullseye

root@bpi-iot-jsho-minio-03:~# apt-get install certbot

root@bpi-iot-jsho-minio-03:~# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the appropriate number [1-2] then [enter] (press ‚c‘ to cancel): 1
Plugins selected: Authenticator standalone, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‚c‘
to cancel): bpi-iot-jsho-minio-03.ddnss.eu
Requesting a certificate for bpi-iot-jsho-minio-03.ddnss.eu
Performing the following challenges:
http-01 challenge for bpi-iot-jsho-minio-03.ddnss.eu
Waiting for verification…
Cleaning up challenges
Subscribe to the EFF mailing list (email: josef.schuster@dpsolution.de).

IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/privkey.pem
Your certificate will expire on 2022-03-27. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run „certbot renew“
– If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

root@bpi-iot-jsho-minio-03:~#

root@bpi-iot-jsho-minio-03:/# find . -name fullchain.pem -print
./etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem

root@bpi-iot-jsho-minio-03:/#

root@bpi-iot-jsho-minio-03:~# cp /etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem $HOME/.minio/certs/public.crt
root@bpi-iot-jsho-minio-03:~# cp /etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/privkey.pem $HOME/.minio/certs/private.key