final String encrypted1 = cipher1.encryptText(original);
        final String encrypted2 = cipher2.encryptText(original);

        assertThat(encrypted1, is(not(encrypted2)));
        assertThat(cipher1.decryptText(encrypted1), is(original));
        assertThat(cipher2.decryptText(encrypted2), is(original));
    }

    @Test
    public void testEmptyString() {

        assertNotNull(cryptographer);

        String plainText = "Hello, World!";
        String encrypted = cryptographer.encrypt(plainText);
        assertNotNull(encrypted);
        assertFalse(plainText.equals(encrypted));

        String decrypted = cryptographer.decrypt(encrypted);
        assertEquals(plainText, decrypted);
    }

    @Test

* Nginx
* HAProxy

## Let's Encrypt { #lets-encrypt }

Before Let's Encrypt, these **HTTPS certificates** were sold by trusted third parties.

The process to acquire one of these certificates used to be cumbersome, require quite some paperwork and the certificates were quite expensive.

But then **[Let's Encrypt](https://letsencrypt.org/)** was created.

     * Parses the role set from a string.
     * @param value The string to parse.
     * @param encrypted Whether the string is encrypted.
     * @param roleSet The set of roles.
     */
    protected void parseRoleSet(final String value, final boolean encrypted, final Set<String> roleSet) {
        String rolesStr = value;
        if (encrypted && cipher != null) {
            try {
                rolesStr = cipher.decryptoText(rolesStr);

No es muy popular o usado hoy en día.

OAuth2 no especifica cómo encriptar la comunicación, espera que tengas tu aplicación servida con HTTPS.

/// tip | Consejo

En la sección sobre **deployment** verás cómo configurar HTTPS de forma gratuita, usando Traefik y Let's Encrypt.

///

## OpenID Connect { #openid-connect }

	}

	actualSize := data.ActualSize()
	if actualSize < 0 {
		_, encrypted := crypto.IsEncrypted(fi.Metadata)
		compressed := fi.IsCompressed()
		switch {
		case compressed:
			// ... nothing changes for compressed stream.
			// if actualSize is -1 we have no known way to
			// determine what is the actualSize.
		case encrypted:
			decSize, err := sio.DecryptedSize(uint64(n))
			if err == nil {

        Set<String> roleSet;
        boolean encrypted;
        String value;

        encrypted = false;
        value = "";
        roleSet = decodedRoleList(roleQueryHelperImpl, value, encrypted);
        assertEquals(0, roleSet.size());

        encrypted = false;
        value = "role1";
        roleSet = decodedRoleList(roleQueryHelperImpl, value, encrypted);
        assertEquals(0, roleSet.size());

            @Override
            public String encrypt(String plainText) {
                return "encrypted:" + plainText;
            }

            @Override
            public String decrypt(String cryptedText) {
                return cryptedText.startsWith("encrypted:") ? cryptedText.substring("encrypted:".length()) : cryptedText;
            }
        };

TLS Termination Proxy로 사용할 수 있는 옵션은 다음과 같습니다:

* Traefik (인증서 갱신도 처리 가능)
* Caddy (인증서 갱신도 처리 가능)
* Nginx
* HAProxy

## Let's Encrypt { #lets-encrypt }

Let's Encrypt 이전에는 이러한 **HTTPS 인증서**가 신뢰할 수 있는 제3자에 의해 판매되었습니다.

인증서를 획득하는 과정은 번거롭고, 꽤 많은 서류 작업이 필요했으며, 인증서도 상당히 비쌌습니다.

하지만 그 후 **[Let's Encrypt](https://letsencrypt.org/)**가 만들어졌습니다.

        assertEquals(expect, ParameterUtil.encrypt(value));

        value = "";
        expect = "";
        assertEquals(expect, ParameterUtil.encrypt(value));

        value = "\n";
        expect = "";
        assertEquals(expect, ParameterUtil.encrypt(value));

        value = "=";
        expect = "unknown.1=";
        assertEquals(expect, ParameterUtil.encrypt(value));

        value = "=1\n=";