* host platform (like Android). In July 2018 Android had 134 trusted root certificates for its HTTP
 * clients to trust.
 *
 * For example, in order to establish a secure connection to `https://www.squareup.com/`,
 * these three certificates are used.
 *
 * ```
 * www.squareup.com certificate:
 *
 * Common Name: www.squareup.com

  brought by any other entity based on infringement of intellectual
  property rights or otherwise. As a condition to exercising the
  rights and licenses granted hereunder, each Recipient hereby
  assumes sole responsibility to secure any other intellectual
  property rights needed, if any. For example, if a third party
  patent license is required to allow Recipient to Distribute the
  Program, it is Recipient's responsibility to acquire that license

 * Peer certificate chain:
 *     sha256/afwiKY3RxoMmLkuRW1l7QsPZTJPwDS2pdDROQjXw8ig=: CN=publicobject.com, OU=PositiveSSL
 *     sha256/klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=: CN=COMODO RSA Secure Server CA
 *     sha256/grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=: CN=COMODO RSA Certification Authority
 *     sha256/lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=: CN=AddTrust External CA Root

    val hostOnly: Boolean = cookie.hostOnly
    val domain: String = cookie.domain
    val path: String = cookie.path
    val httpOnly: Boolean = cookie.httpOnly
    val secure: Boolean = cookie.secure
    val matches: Boolean = cookie.matches("".toHttpUrl())
    val parsedCookie: Cookie? = Cookie.parse("".toHttpUrl(), "")
    val cookies: List<Cookie> = Cookie.parseAll("".toHttpUrl(), headersOf())
  }

<a href="https://cryptapi.io/" target="_blank" title="CryptAPI: Your easy to use, secure and privacy oriented payment gateway."><img src="https://fastapi.tiangolo.com/img/sponsors/cryptapi.svg"></a>
<a href="https://platform.sh/try-it-now/?utm_source=fastapi-signup&utm_medium=banner&utm_campaign=FastAPI-signup-June-2023" target="_blank" title="Build, run and scale your apps on a modern, reliable, and secure PaaS."><img src="https://fastapi.tiangolo.com/img/sponsors/platform-sh.png"></a>

### Certificate Directory

TLS certificates by default are expected to be stored under ``${HOME}/.minio/certs`` directory. You need to place certificates here to enable `HTTPS` based access. Read more about [How to secure access to MinIO server with TLS](https://min.io/docs/minio/linux/operations/network-encryption.html).

Following is a sample directory structure for MinIO server with TLS certificates.

```sh
$ mc tree --files ~/.minio

		f.permissions.CriticalOptions["AccessKey"],
		f.permissions.CriticalOptions["SecretKey"],
		f.permissions.CriticalOptions["SessionToken"],
	)
	return minio.New(f.endpoint, &minio.Options{
		Creds:     mcreds,
		Secure:    globalIsTLS,
		Transport: globalRemoteFTPClientTransport,
	})
}

func (f *sftpDriver) AccessKey() string {
	return f.permissions.CriticalOptions["AccessKey"]
}

that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret certSecret: "" publicCrt: public.crt privateKey: private.key ## Trusted Certificates Settings for MinIO. Ref: https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls#install-certificates-from-third-party-cas ## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret ##...

					// credentials update is possible only in bucket replication. User will never
					// know the site replicator creds.
					tgt.Credentials = target.Credentials
					tgt.TargetBucket = target.TargetBucket
					tgt.Secure = target.Secure
					tgt.Endpoint = target.Endpoint
				}
			case madmin.SyncUpdateType:
				tgt.ReplicationSync = target.ReplicationSync
			case madmin.ProxyUpdateType:
				tgt.DisableProxy = target.DisableProxy

		if region == "" {
			region = "us-east-1"
		}
		clnt, err = minio.New(globalLocalNodeName, &minio.Options{
			Creds:     credentials.NewStaticV4(opts.creds.AccessKey, opts.creds.SecretKey, opts.creds.SessionToken),
			Secure:    globalIsTLS,
			Transport: globalRemoteTargetTransport,
			Region:    region,
		})
		if err != nil {
			return res, err
		}
	}

	var mu sync.Mutex
	var uploadTimes madmin.TimeDurations