Settings
The AIStor Key Manager process supports the following environment variables for controlling process behavior.
MINIO_LICENSE
Deprecated
As of release RELEASE.2025-11-12T19-14-51Z, AIStor Key Manager no longer requires a MinIO Commercial License. This environment variable is accepted for backward compatibility but is ignored.
Previous versions (prior to RELEASE.2025-11-12T19-14-51Z) require this environment variable.
For license configuration instructions for previous versions, see the Legacy License Installation Guide.
Specify either the plaintext license string or path to a plaintext file containing the license. This environment variable is deprecated and ignored in current versions of Key Manager.
The Key Manager server searches for the license in the following order:
- Value of the
MINIO_LICENSEenvironment variable - A
minio.licensefile in the current working directory - A
minio.licensefile in the$HOME/.minkmsdirectory
MINIO_HSM_KMS_KEY
Required
The Hardware Security Module (HSM) key to use for cryptographic and authentication operations.
Specify the output of minkms --soft-hsm.
You can remove this variable after configuring at least one external HSM.
MINIO_KMS_SERVER
Required
Specify a comma separated list of Key Manager server hostnames to perform operations against when using minkms CLI commands.
For example:
MINIO_KMS_SERVER=https://minkms-1.example.net:7373,https://minkms-2.example.net:7373,https://minkms-3.example.net:7373
This environment variable is only required for performing client API operations.
If omitted, minkms commands default connecting to 127.0.0.1:7373.
Commands which support or require specifying a HOST[:PORT] use that value as a priority over this environment variable.
MINIO_KMS_API_KEY
Required
Specify the API key of an identity to use when authenticating to a Key Manager server.
This environment variable is only required for performing client API operations.
MINIO_KMS_ENCLAVE
Optional
Specify the enclave to use when performing a client API operation.