).int()
    .default(DEFAULT_TIMEOUT)

  val followRedirects: Boolean by option("-L", "--location").help("Follow redirects").flag()

  val allowInsecure: Boolean by option("-k", "--insecure").help("Allow connections to SSL sites without certs").flag()

  val showHeaders: Boolean by option("-i", "--include").help("Include protocol headers in the output").flag()

    * For this to work, a **single** component (program) running on the server, listening on the **public IP address**, must have **all the HTTPS certificates** in the server.
* **After** obtaining a secure connection, the communication protocol is **still HTTP**.
    * The contents are **encrypted**, even though they are being sent with the **HTTP protocol**.

    // 3) Caller specified but assuming the visible defaults in MODERN_CIPHER_SUITES are rejigged
    // to match legacy i.e. the platform/provider
    //
    // Opting for 2 here and keeping MODERN_TLS in line with secure browsers.
    cipherSuitesAsString.intersect(socketEnabledCipherSuites, CipherSuite.ORDER_BY_NAME)
  } else {
    socketEnabledCipherSuites
  }

internal fun MediaType?.chooseCharset(): Pair<Charset, MediaType?> {

@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface Secured {
    /**
     * Returns the list of security configuration attributes (e.g. ROLE_USER, ROLE_ADMIN).
     *
     * @return String[] The secure method attributes
     */
    String[] value();

        this(new SecureRandom(), DEFAULT_HASH_ALGORITHM, true);
    }

    /**
     * Constructs a PreauthIntegrityService with specified configuration.
     *
     * @param secureRandom the secure random generator
     * @param hashAlgorithm the hash algorithm to use
     * @param enforceIntegrity whether to enforce integrity checks
     */

    val hostOnly: Boolean = cookie.hostOnly()
    val domain: String = cookie.domain()
    val path: String = cookie.path()
    val httpOnly: Boolean = cookie.httpOnly()
    val secure: Boolean = cookie.secure()
  }

  @Test @Disabled
  fun formBody() {
    val formBody: FormBody = FormBody.Builder().build()
    val size: Int = formBody.size()
  }

  @Test @Disabled
  fun handshake() {

	stsEndpointURL, err := url.Parse(stsEndpoint)
	if err != nil {
		log.Fatalf("Error parsing sts endpoint: %v", err)
	}
	copts := &minio.Options{
		Creds:  li,
		Secure: stsEndpointURL.Scheme == "https",
	}
	minioClient, err := minio.New(stsEndpointURL.Host, copts)
	if err != nil {
		log.Fatalf("Error initializing client: ", err)
	}

# How to secure access to MinIO on Kubernetes with TLS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

This document explains how to configure MinIO server with TLS certificates on Kubernetes.

## 1. Prerequisites

- Familiarity with [MinIO deployment process on Kubernetes](https://docs.min.io/community/minio-object-store/operations/deployments/kubernetes.html).

- Kubernetes cluster with `kubectl` configured.

   *
   * @deprecated If you must interoperate with a system that requires MD5, then use this method,
   *     despite its deprecation. But if you can choose your hash function, avoid MD5, which is
   *     neither fast nor secure. As of January 2017, we suggest:
   *     <ul>
   *       <li>For security:
   *           {@link Hashing#sha256} or a higher-level API.
   *       <li>For speed: {@link Hashing#goodFastHash}, though see its docs for caveats.

const crossDomainXML = `<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" secure="false" /></cross-domain-policy>`

// Standard path where an app would find cross domain policy information.
const crossDomainXMLEntity = "/crossdomain.xml"