```

```
mc stat myminio/bucket/test.file
Name      : test.file
...
Encrypted :
  X-Amz-Server-Side-Encryption: AES256
```

## Encrypted Private Key

MinIO supports encrypted KES client private keys. Therefore, you can use
an password-protected private keys for `MINIO_KMS_KES_KEY_FILE`.

        try {
            krbNameOid = new Oid("1.2.840.113554.1.2.2.1");
            krbMechOid = new Oid("1.2.840.113554.1.2.2");
        } catch (Exception e) {
            log.error("Failed to initialize kerberos OIDs", e);
        }

        JGSS_KRB5_NAME_OID = krbNameOid;
        JGSS_KRB5_MECH_OID = krbMechOid;
    }

    private final GSSContext gssContext;
    private final GSSName clientName;

This, of course, is not optimal and you wouldn't use it for production.

In production you would have one of the options above.

But it's the simplest way to focus on the server-side of WebSockets and have a working example:

{* ../../docs_src/websockets/tutorial001_py39.py hl[2,6:38,41:43] *}

## Create a `websocket` { #create-a-websocket }

In your **FastAPI** application, create a `websocket`:

	allConfigs := r.Form.Get("allConfigs") == "true"
	if cfgName == "" && !allConfigs {
		cfgName = madmin.Default
	}

	if isAll && len(userList) > 0 {
		// This should be checked on client side, so return generic error
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrInvalidRequest), r.URL)
		return
	}

	// Empty DN list and not self, list access keys for all users
	if isAll {

- hyperkube: Use debian-hyperkube-base@v1.1.0 image
  
    A previous release built hyperkube using the debian-hyperkube-base@v1.0.0,
    which was updated to address a CVE in the CNI plugins.
    
    A side-effect of using this new image was that the networking packages
    (namely `iptables`) drifted from the versions used in the kube-proxy images.
  
    The following issues were filed on kube-proxy failures when using hyperkube:

- Support server-side dry-run in kubectl with --dry-run=server for commands including apply, patch, create, run, annotate,...

        ps.println(c);
    }

    /**
     * This is an alternative to the <code>java.lang.Integer.toHexString</code>
     * method. It is an efficient relative that also will pad the left side so
     * that the result is <code>size</code> digits.
     *
     * @param val the integer value to convert to hexadecimal
     * @param size the desired length of the resulting hex string (will be left-padded with zeros)

  integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==

side-channel@^1.0.4:
  version "1.0.4"
  resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.4.tgz#efce5c8fdc104ee751b25c58d4290011fa5ea2cf"
  integrity sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==

			fv:   defaultFormVals.Clone().Set(xhttp.AmzAccessKeyID, "access").Set(xhttp.AmzSignatureV2, "signature-value"),
		},
		{
			name: "any form value starting with X-Amz-Server-Side-Encryption- does not have to appear in policy",
			fv: defaultFormVals.Clone().
				Set(xhttp.AmzServerSideEncryptionKmsContext, "context-val").
				Set(xhttp.AmzServerSideEncryptionCustomerAlgorithm, "algo-val"),
		},
	}

            Thread.currentThread().setContextClassLoader(oldClassLoader);
            legacySupport.setSession(oldSession);
        }
    }

    /**
     * TODO pluginDescriptor classRealm and artifacts are set as a side effect of this
     *      call, which is not nice.
     * @throws PluginResolutionException
     */
    @Override
    public ClassRealm getPluginRealm(MavenSession session, PluginDescriptor pluginDescriptor)