end }} minio/templates/_helper_create_bucket.txt #!/bin/sh set -e ; # Have script exit in the event of a failed command. {{- if .Values.configPathmc }} MC_CONFIG_DIR="{{ .Values.configPathmc }}" MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" {{- else }} MC="/usr/bin/mc --insecure" {{- end }} # connectToMinio # Use a check-sleep-check loop to wait for Minio service to be available connectToMinio() { SCHEME=$1 ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts set -e ; # fail if we can't read the...

end }} minio/templates/_helper_create_bucket.txt #!/bin/sh set -e ; # Have script exit in the event of a failed command. {{- if .Values.configPathmc }} MC_CONFIG_DIR="{{ .Values.configPathmc }}" MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" {{- else }} MC="/usr/bin/mc --insecure" {{- end }} # connectToMinio # Use a check-sleep-check loop to wait for MinIO service to be available connectToMinio() { SCHEME=$1 ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts set -e ; # fail if we can't read the...

		return true
	case emptySHA256:
		// some broken clients set empty-sha256
		// with > 0 content-length in the body,
		// we should skip such clients and allow
		// blindly such insecure clients only if
		// S3 strict compatibility is disabled.

		// We return true only in situations when
		// deployment has asked MinIO to allow for
		// such broken clients and content-length > 0.

end }} minio/templates/_helper_create_bucket.txt #!/bin/sh set -e ; # Have script exit in the event of a failed command. {{- if .Values.configPathmc }} MC_CONFIG_DIR="{{ .Values.configPathmc }}" MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" {{- else }} MC="/usr/bin/mc --insecure" {{- end }} # connectToMinio # Use a check-sleep-check loop to wait for Minio service to be available connectToMinio() { SCHEME=$1 ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts set -e ; # fail if we can't read the...

end }} minio/templates/_helper_create_bucket.txt #!/bin/sh set -e ; # Have script exit in the event of a failed command. {{- if .Values.configPathmc }} MC_CONFIG_DIR="{{ .Values.configPathmc }}" MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" {{- else }} MC="/usr/bin/mc --insecure" {{- end }} # connectToMinio # Use a check-sleep-check loop to wait for Minio service to be available connectToMinio() { SCHEME=$1 ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts set -e ; # fail if we can't read the...

end }} minio/templates/_helper_create_bucket.txt #!/bin/sh set -e ; # Have script exit in the event of a failed command. {{- if .Values.configPathmc }} MC_CONFIG_DIR="{{ .Values.configPathmc }}" MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" {{- else }} MC="/usr/bin/mc --insecure" {{- end }} # connectToMinio # Use a check-sleep-check loop to wait for Minio service to be available connectToMinio() { SCHEME=$1 ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts set -e ; # fail if we can't read the...

    .build();
```

With a server that holds a certificate and a client that trusts it we have enough for an HTTPS
handshake. The best part of this example is that we don't need to make our test code insecure with a
a fake `HostnameVerifier` or `X509TrustManager`.

Certificate Authorities
-----------------------

The above example uses a self-signed certificate. This is convenient for testing but not

    /** Flag to enable load balancing across domain controllers */
    private boolean loadBalance;

    /** Flag to enable basic authentication */
    private boolean enableBasic;

    /** Flag to allow insecure basic authentication */
    private boolean insecureBasic;

    /** The authentication realm */
    private String realm;

    /** The CIFS context for transport operations */

--ftp="passive-port-range=30000-40000"
```

### Change default SFTP port

Default port '8022' can be changed via

```
--sftp="address=:3022"
```

### TLS (FTP)

Unlike SFTP server, FTP server is insecure by default. To operate under TLS mode, you need to provide certificates via

```
--ftp="tls-private-key=path/to/private.key" --ftp="tls-public-cert=path/to/public.crt"
```

And it should have an `access_token`, with a string containing our access token.

For this simple example, we are going to just be completely insecure and return the same `username` as the token.

/// tip

In the next chapter, you will see a real secure implementation, with password hashing and <abbr title="JSON Web Tokens">JWT</abbr> tokens.

But for now, let's focus on the specific details we need.

///