* Donc, le certificat et le traitement du cryptage sont faits avant HTTP.
* TCP ne connaît pas les "domaines", seulement les adresses IP.
    * L'information sur le domaine spécifique demandé se trouve dans les données HTTP.
* Les certificats HTTPS "certifient" un certain domaine, mais le protocole et le cryptage se font au niveau TCP, avant de savoir quel domaine est traité.

Il est intégré à Let's Encrypt. Ainsi, il peut gérer toutes les parties HTTPS, y compris l'acquisition et le renouvellement des certificats.

Public Domain...

		[size_is(num_sids)] LsarSidPtr *sids;
	} LsarSidArray;

	typedef enum {
		SID_NAME_USE_NONE = 0, /* NOTUSED */
		SID_NAME_USER     = 1, /* user */
		SID_NAME_DOM_GRP  = 2, /* domain group */
		SID_NAME_DOMAIN   = 3, /* domain: don't know what this is */
		SID_NAME_ALIAS    = 4, /* local group */
		SID_NAME_WKN_GRP  = 5, /* well-known group */
		SID_NAME_DELETED  = 6, /* deleted account: needed for c2 rating */

		[size_is(num_sids)] LsarSidPtr *sids;
	} LsarSidArray;

	typedef enum {
		SID_NAME_USE_NONE = 0, /* NOTUSED */
		SID_NAME_USER     = 1, /* user */
		SID_NAME_DOM_GRP  = 2, /* domain group */
		SID_NAME_DOMAIN   = 3, /* domain: don't know what this is */
		SID_NAME_ALIAS    = 4, /* local group */
		SID_NAME_WKN_GRP  = 5, /* well-known group */
		SID_NAME_DELETED  = 6, /* deleted account: needed for c2 rating */

				},
			},
			domains:          []string{"mys3.bucket.org"},
			bucket:           "mybucket",
			object:           "test/1.txt",
			expectedLocation: "https://mybucket.mys3.bucket.org/test/1.txt",
		},
	}
	for _, testCase := range testCases {
		t.Run("", func(t *testing.T) {
			gotLocation := getObjectLocation(testCase.request, testCase.domains, testCase.bucket, testCase.object)

        String root = "share";
        String path = "\\folder";
        String fullPath = "\\" + domain + "\\" + root + path; // Should be "\domain.com\share\folder"

        lenient().when(smbTransport.getDfsReferrals(auth, fullPath, 0)).thenReturn(dfsReferral);

        assertEquals(dfsReferral, dfs.getReferral(smbTransport, domain, root, path, auth));
    }

    @Test

// A cross-domain policy file is an XML document that grants a web client, such as Adobe Flash Player
// or Adobe Acrobat (though not necessarily limited to these), permission to handle data across domains.
// When clients request content hosted on a particular source domain and that content make requests
// directed towards a domain other than its own, the remote domain needs to host a cross-domain

For a [distributed MinIO setup](https://docs.min.io/community/minio-object-store/operations/deployments/kubernetes.html), where there are multiple pods with different domain names expected to run, you will either need wildcard certificates valid for all the domains or have specific certificates for each domain. If you are going to use specific certificates, make sure to create Kubernetes secrets accordingly.

        serverData.encryptionKeyLength = 8;
        response.flags2 = ServerMessageBlock.FLAGS2_UNICODE;
        byte[] domainNameBytes = "DOMAIN_U".getBytes("UTF-16LE");
        response.byteCount = 8 + domainNameBytes.length + 2; // key + domain + null terminator

        // Prepare byte array
        byte[] encryptionKey = "12345678".getBytes();
        ByteBuffer buffer = ByteBuffer.allocate(response.byteCount);