}
        server.securityMode = buffer[bufferIndex] & 0xFF;
        bufferIndex++;
        server.security = server.securityMode & 0x01;
        server.encryptedPasswords = (server.securityMode & 0x02) == 0x02;
        server.signaturesEnabled = (server.securityMode & 0x04) == 0x04;
        server.signaturesRequired = (server.securityMode & 0x08) == 0x08;
        server.maxMpxCount = readInt2(buffer, bufferIndex);

    assertConnectionNotReused(requestA, requestB)
  }

  @Test
  fun connectionsAreNotReusedWithResponseConnectionClose() {
    server.enqueue(
      MockResponse(
        headers = headersOf("Connection", "close"),
        body = "a",
      ),
    )
    server.enqueue(MockResponse(body = "b"))
    val requestA = Request(server.url("/"))
    val requestB = Request(server.url("/"))

    - [Server Binaries](#server-binaries-3)
    - [Node Binaries](#node-binaries-3)
    - [Container Images](#container-images-3)
  - [Changelog since v1.22.13](#changelog-since-v12213)
  - [Important Security Information](#important-security-information-1)
    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)

			"X-Amz-Server-Side-Encryption":                []string{""},
			"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": []string{""},
			"X-Amz-Server-Side-Encryption-Context":        []string{""},
		},
		Expected: true,
	}, // 4
	{
		Header: http.Header{
			"X-Amz-Server-Side-Encryption":                []string{"AES256"},
			"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": []string{""},
		},
		Expected: true,
	}, // 5

install --set tls.enabled=true,tls.certSecret=tls-ssl-minio minio/minio ``` ### Installing certificates from third party CAs MinIO can connect to other servers, including MinIO nodes or other server types such as NATs and Redis. If these servers use certificates that were not registered with a known CA, add trust for these certificates to MinIO Server by bundling these certificates into a Kubernetes secret and providing it to Helm via the `trustedCertsSecret` value. If `.Values.tls.enabled` is `true`...

install --set tls.enabled=true,tls.certSecret=tls-ssl-minio minio/minio ``` ### Installing certificates from third party CAs MinIO can connect to other servers, including MinIO nodes or other server types such as NATs and Redis. If these servers use certificates that were not registered with a known CA, add trust for these certificates to MinIO Server by bundling these certificates into a Kubernetes secret and providing it to Helm via the `trustedCertsSecret` value. If `.Values.tls.enabled` is `true`...

// Version returns version information about the KMS.
//
// TODO(aead): refactor this API call since it does not account
// for multiple KMS/KES servers.
func (k *KMS) Version(ctx context.Context) (string, error) {
	return k.conn.Version(ctx)
}

// APIs returns a list of KMS server APIs.
//
// TODO(aead): remove this API since it's hardly useful.
func (k *KMS) APIs(ctx context.Context) ([]madmin.KMSAPI, error) {

        .signedBy(rootCa)
        .serialNumber(2L)
        .commonName(server.hostName)
        .addSubjectAlternativeName(server.hostName)
        .addSubjectAlternativeName("san.com")
        .addSubjectAlternativeName("*.wildcard.com")
        .addSubjectAlternativeName("differentdns.com")
        .build()
    serverIps = Dns.SYSTEM.lookup(server.hostName)
    dns[server.hostName] = serverIps
    dns["san.com"] = serverIps

    )
  }

  private fun WebSocketExtensions.isValid(): Boolean {
    // If the server returned parameters we don't understand, fail the web socket.
    if (unknownValues) return false

    // If the server returned a value for client_max_window_bits, fail the web socket.
    if (clientMaxWindowBits != null) return false

    // If the server returned an illegal server_max_window_bits, fail the web socket.

    server.webSocket!!.tearDown()
    client.webSocket!!.tearDown()
    taskFaker.close()
  }

  @Test
  fun close() {
    client.webSocket!!.close(1000, "Hello!")
    // This will trigger a close response.
    assertThat(server.processNextFrame()).isFalse()
    server.listener.assertClosing(1000, "Hello!")
    server.webSocket!!.finishReader()
    server.webSocket!!.close(1000, "Goodbye!")