* A certificate signed by a CA contains information about the issued identity (e.g. name, expiry, public key) and any intermediate certificates. The root CA is not included.

## 3. Generate and use Self-signed Keys and Certificates with MinIO

This section describes how to generate a self-signed certificate using various tools:

install --set existingSecret=my-minio-secret minio/minio ``` The following fields are expected in the secret: | .data.<key> in Secret | Corresponding variable | Description | Required | |:-------- | `rootUser` | `rootUser` | Root user. | yes | | `rootPassword` | `rootPassword` | Root password. | yes | All corresponding variables will be ignored in values file. Configure TLS ---------- To enable TLS for MinIO containers, acquire TLS certificates from a CA or create self-signed certificates. While creating...

 * leaks, by ensuring that objects are no longer strongly referenced:
 *
 * {@snippet :
 * // Helper function keeps victim stack-unreachable.
 * private WeakReference<Foo> fooWeakRef() {
 *   Foo x = ....;
 *   WeakReference<Foo> weakRef = new WeakReference<>(x);
 *   // ... use x ...
 *   x = null;  // Hint to the JIT that x is stack-unreachable
 *   return weakRef;
 * }
 * public void testFooLeak() {

        // Normalize slashes
        path = path.replace('/', '\\');

        // Remove redundant slashes
        path = path.replaceAll("\\\\+", "\\\\");

        // Remove trailing slash unless it's root
        if (path.length() > 1 && path.endsWith("\\")) {
            path = path.substring(0, path.length() - 1);
        }

        return path;
    }

    /**
     * Validates username
     *

    params {
        // The promotion job doesn't have a branch, so %teamcity.build.branch% doesn't work.
        param("env.BUILD_BRANCH", "%teamcity.build.branch%")
    }

    vcs {
        root(AbsoluteId(VersionedSettingsBranch.fromDslContext().vcsRootId()))
        checkoutMode = CheckoutMode.ON_AGENT
        branchFilter = branchesFilterExcluding()
    }

    features {
        enablePullRequestFeature()

	}
	return prefer, true
}

// isInDir returns whether the entry is in the dir when considering the separator.
func (e metaCacheEntry) isInDir(dir, separator string) bool {
	if len(dir) == 0 {
		// Root
		idx := strings.Index(e.name, separator)
		return idx == -1 || idx == len(e.name)-len(separator)
	}
	ext := strings.TrimPrefix(e.name, dir)
	if len(ext) != len(e.name) {
		idx := strings.Index(ext, separator)

install --set existingSecret=my-minio-secret minio/minio ``` The following fields are expected in the secret: | .data.<key> in Secret | Corresponding variable | Description | Required | |:-------- | `rootUser` | `rootUser` | Root user. | yes | | `rootPassword` | `rootPassword` | Root password. | yes | All corresponding variables will be ignored in values file. Configure TLS ---------- To enable TLS for MinIO containers, acquire TLS certificates from a CA or create self-signed certificates. While creating...

install --set existingSecret=my-minio-secret minio/minio ``` The following fields are expected in the secret: | .data.<key> in Secret | Corresponding variable | Description | Required | |:-------- | `rootUser` | `rootUser` | Root user. | yes | | `rootPassword` | `rootPassword` | Root password. | yes | All corresponding variables will be ignored in values file. Configure TLS ---------- To enable TLS for MinIO containers, acquire TLS certificates from a CA or create self-signed certificates. While creating...

install --set existingSecret=my-minio-secret minio/minio ``` The following fields are expected in the secret: | .data.<key> in Secret | Corresponding variable | Description | Required | |:-------- | `rootUser` | `rootUser` | Root user. | yes | | `rootPassword` | `rootPassword` | Root password. | yes | All corresponding variables will be ignored in values file. Configure TLS ---------- To enable TLS for MinIO containers, acquire TLS certificates from a CA or create self-signed certificates. While creating...

    `HandshakeCertificates` holds the TLS certificates required for a TLS handshake. On the server
    it keeps your `HeldCertificate` and its chain. On the client it keeps the root certificates
    that are trusted to sign a server's certificate chain. `HandshakeCertificates` also works with
    mutual TLS where these roles are reversed.