[simiones]

Unfortunately this would probably not work for my purposes - the issue on my side is that I want to enable MinIO to use server-side encryption; however, MinIO doesn't support SSE unless TLS is enabled inside MinIO itself - so it's ultimately MinIO that needs these certificates, it doesn't help that the Linkerd proxy is actually encrypting the traffic if MinIO doesn't know about it.

There may be a way to tell MinIO to use the the proxy certificates though, since those may be somewhere in the pod FS if I understand the docs correctly, I can try to investigate that, thanks for the link!