# The address:port of the kes server - i.e. on the local machine. address = "127.0.0.1:7373" [tls] key = "./kes-tls.key" cert = "./kes-tls.crt" [policy.minio] paths = [ "/v1/key/create/minio-*", "/v1/key/generate/minio-*", "/v1/key/decrypt/minio-*" ] identities = [ "dd46485bedc9ad2909d2e8f9017216eec4413bc5c64b236d992f7ec19c843c5f" ] [cache.expiry] all = "5m" unused = "20s" [keystore.vault] address = "https://127.0.0.1:8200" # The Vault endpoint - i.e. https://127.0.0.1:8200 name = "minio" # The domain resp. prefix at Vault's K/V backend [keystore.vault.approle] id = "" # Your AppRole Role ID secret = "" # Your AppRole Secret ID retry = "15s" # Duration until the server tries to re-authenticate after connection loss. [keystore.vault.tls] ca = "./vault-tls.crt" # Since we use self-signed certificates [keystore.vault.status] ping = "10s"