# specific language governing permissions and limitations
# under the License.

# -----------------------------------------------------------------------------
# Apache Maven Encrypt Script
#
# Environment Variable Prerequisites
#
#   JAVA_HOME           (Optional) Points to a Java installation.
#   MAVEN_OPTS          (Optional) Java runtime options used when Maven is executed.

# specific language governing permissions and limitations
# under the License.

# -----------------------------------------------------------------------------
# Apache Maven Encrypt Script
#
# Environment Variable Prerequisites
#
#   JAVA_HOME           (Optional) Points to a Java installation.
#   MAVEN_OPTS          (Optional) Java runtime options used when Maven is executed.

			if err != nil {
				return
			}
			if sse, err = encrypt.NewSSEC(clientKey[:]); err != nil {
				return
			}
			opts.ServerSideEncryption = encrypt.SSECopy(sse)
			return
		}
		return
	}

	if crypto.SSEC.IsRequested(header) {
		clientKey, err = crypto.SSEC.ParseHTTP(header)
		if err != nil {
			return
		}
		if sse, err = encrypt.NewSSEC(clientKey[:]); err != nil {
			return
		}

## Let's Encrypt

Avant Let's Encrypt, ces certificats HTTPS étaient vendus par des tiers de confiance.

Le processus d'acquisition d'un de ces certificats était auparavant lourd, nécessitait pas mal de paperasses et les certificats étaient assez chers.

Mais ensuite, <a href="https://letsencrypt.org/" class="external-link" target="_blank">Let's Encrypt</a> a été créé.

It is not very popular or used nowadays.

OAuth2 doesn't specify how to encrypt the communication, it expects you to have your application served with HTTPS.

/// tip

In the section about **deployment** you will see how to set up HTTPS for free, using Traefik and Let's Encrypt.

///

## OpenID Connect { #openid-connect }

@REM specific language governing permissions and limitations
@REM under the License.

@REM -----------------------------------------------------------------------------
@REM Apache Maven Encrypt Script
@REM
@REM Environment Variable Prerequisites
@REM
@REM   JAVA_HOME           (Optional) Points to a Java installation.
@REM   MAVEN_BATCH_ECHO    (Optional) Set to 'on' to enable the echoing of the batch commands.

* Traefik（証明書の更新も対応）
* Caddy (証明書の更新も対応)
* Nginx
* HAProxy


## Let's Encrypt

Let's Encrypt以前は、これらの**HTTPS証明書**は信頼できる第三者によって販売されていました。

これらの証明書を取得するための手続きは面倒で、かなりの書類を必要とし、証明書はかなり高価なものでした。

しかしその後、**<a href="https://letsencrypt.org/" class="external-link" target="_blank">Let's Encrypt</a>** が作られました。

* Nginx
* HAProxy

## Let's Encrypt

Antes de Let's Encrypt, estos **certificados HTTPS** eran vendidos por terceros.

El proceso para adquirir uno de estos certificados solía ser complicado, requerir bastante papeleo y los certificados eran bastante costosos.

Pero luego se creó **<a href="https://letsencrypt.org/" class="external-link" target="_blank">Let's Encrypt</a>**.

	start_port=$1

	export MINIO_ROOT_USER=minio
	export MINIO_ROOT_PASSWORD=minio123
	export MC_HOST_minio="http://minio:minio123@127.0.0.1:${start_port}/"
	unset MINIO_KMS_AUTO_ENCRYPTION # do not auto-encrypt objects
	export MINIO_CI_CD=1

	MC_BUILD_DIR="mc-$RANDOM"
	if ! git clone --quiet https://github.com/minio/mc "$MC_BUILD_DIR"; then
		echo "failed to download https://github.com/minio/mc"
		purge "${MC_BUILD_DIR}"

Es unterstützt viele sichere Hashing-Algorithmen und Werkzeuge, um mit diesen zu arbeiten.

Der empfohlene Algorithmus ist „Bcrypt“.

Installieren Sie also PassLib mit Bcrypt:

<div class="termy">

```console
$ pip install "passlib[bcrypt]"

---> 100%
```

</div>

/// tip | Tipp