* For HTTPS, **the server** needs to **have "certificates"** generated by a **third party**.
    * Those certificates are actually **acquired** from the third party, not "generated".
* Certificates have a **lifetime**.
    * They **expire**.
    * And then they need to be **renewed**, **acquired again** from the third party.
* The encryption of the connection happens at the **TCP level**.
    * That's one layer **below HTTP**.

- Temporary credentials do not need to be stored with the application but are generated dynamically and provided to the application when requested. When (or even before) the temporary credentials expire, the application can request new credentials.

time="2020-07-12T20:45:50Z" level=info msg="config response types accepted: [code token id_token]"
time="2020-07-12T20:45:50Z" level=info msg="config using password grant connector: local"
time="2020-07-12T20:45:50Z" level=info msg="config signing keys expire after: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="config id tokens valid for: 3h0m0s"
time="2020-07-12T20:45:50Z" level=info msg="listening (http) on 0.0.0.0:5556"
```

### Configure MinIO server with Dex

		ACB_WSTRUST                = 0x00000080, /* 1 = Workstation trust account */
		ACB_SVRTRUST               = 0x00000100, /* 1 = Server trust account */
		ACB_PWNOEXP                = 0x00000200, /* 1 = User password does not expire */
		ACB_AUTOLOCK               = 0x00000400, /* 1 = Account auto locked */
		ACB_ENC_TXT_PWD_ALLOWED    = 0x00000800, /* 1 = Encryped text password is allowed */

transition_workers              (number)    set the number of transition workers (default: '100')
stale_uploads_expiry            (duration)  set to expire stale multipart uploads older than this values (default: '24h')
stale_uploads_cleanup_interval  (duration)  set to change intervals when stale multipart uploads are expired (default: '6h')

     */
    @Size(max = 20)
    public String name;

    /**
     * The expiration time for the crawling session.
     * This field indicates when the crawling session should expire or be cleaned up.
     */
    public String expiredTime;

    /**
     * The timestamp when this crawling session was created.
     * Stored as a long value representing milliseconds since epoch.
     */

                DirectoryCacheScope.IMMEDIATE_CHILDREN);

        // Make the cache entry expired
        DirectoryCacheEntry entry = directoryLeaseManager.getCacheEntry(directoryPath);
        entry.setMaxAge(1); // 1ms to expire immediately
        try {
            Thread.sleep(10);
        } catch (InterruptedException e) {
            // Ignore
        }

        // When lease is lost, cache entry should be removed

    * A "token" is just a string with some content that we can use later to verify this user.
    * Normally, a token is set to expire after some time.
        * So, the user will have to log in again at some point later.
        * And if the token is stolen, the risk is less. It is not like a permanent key that will work forever (in most of the cases).

const (
	defaultMaxSize = math.MaxInt
	// defaultTTL defines the default time-to-live (TTL) for each cache entry.
	// When the TTL for cache entries is not specified, each cache entry will expire after 24 hours.
	defaultTTL = time.Hour * 24
)

// New creates and returns a new Store instance.
//
// Parameters:
//   - size: The maximum capacity of the cache. If the provided size is less than or equal to 0,

    val pool = routePlanner.pool

    // Add a connection to the pool that won't expire for a while
    routePlanner.defaultConnectionIdleAtNanos = expireLater
    setPolicy(pool, address, AddressPolicy(1))
    assertThat(pool.connectionCount()).isEqualTo(1)

    // All other connections created will expire sooner
    routePlanner.defaultConnectionIdleAtNanos = expireSooner