/**
     * Checks whether the SID is empty (no sub-authorities).
     *
     * @return whether the SID is empty (no sub-authorities)
     */
    public boolean isEmpty() {
        return this.sub_authority_count == 0;
    }

    /**
     * Checks whether the SID is blank (all sub-authorities zero).
     *
     * @return whether the SID is blank (all sub-authorities zero)
     */
    public boolean isBlank() {

and increase connectivity with web servers.

### Certificate Pinning ([.kt][CertificatePinningKotlin], [.java][CertificatePinningJava])

import okio.ByteString.Companion.toByteString

/**
 * Constrains which certificates are trusted. Pinning certificates defends against attacks on
 * certificate authorities. It also prevents connections through man-in-the-middle certificate
 * authorities either known or unknown to the application's user.
 * This class currently pins a certificate's Subject Public Key Info as described on

        SMBUtil.writeInt4(44, testBuffer, 8); // group offset
        SMBUtil.writeInt4(0, testBuffer, 12); // SACL offset
        SMBUtil.writeInt4(0, testBuffer, 16); // DACL offset

        // Owner SID with 3 sub-authorities (S-1-5-21-X-Y-Z)
        testBuffer[20] = 0x01; // revision
        testBuffer[21] = 0x03; // sub-authority count
        testBuffer[22] = 0x00; // identifier authority
        testBuffer[23] = 0x00;

            // Default constructor
        }

        /**
         * The revision level of the SID structure.
         */
        public byte revision;
        /**
         * The number of sub-authorities in this SID.
         */
        public byte sub_authority_count;
        /**
         * The identifier authority value (6 bytes).
         */
        public byte[] identifier_authority;
        /**

         */
        public sid_t() {
            // Default constructor
        }

        /** The revision level of the SID structure */
        public byte revision;
        /** The number of sub-authorities in the SID */
        public byte sub_authority_count;
        /** The identifier authority value (6 bytes) */
        public byte[] identifier_authority;
        /** The array of sub-authority values */

        assertEquals(32, sid.sub_authority[0]);
        assertEquals(544, sid.sub_authority[1]);
        assertEquals(adminSidString, sid.toString());
    }

    /**
     * Test byte array constructor with too many sub-authorities.
     */
    @Test
    void testByteArrayConstructorTooManySubAuthorities() {
        byte[] badSid = new byte[10];
        badSid[1] = 101; // sub_authority_count > 100

 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their
 * peers. Sets of root certificates are managed by either the HTTP client (like Firefox), or the

  publicCrt: public.crt
  privateKey: private.key

## Trusted Certificates Settings for MinIO. Ref: https://docs.min.io/community/minio-object-store/operations/network-encryption.html#third-party-certificate-authorities
## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret

/tls/kubernetes#2-create-kubernetes-secret certSecret: "" publicCrt: public.crt privateKey: private.key ## Trusted Certificates Settings for MinIO. Ref: https://min.io/docs/minio/linux/operations/network-encryption.html#third-party-certificate-authorities ## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret ## When using self-signed certificates, remember to include MinIO's own certificate...