// 3) Caller specified but assuming the visible defaults in MODERN_CIPHER_SUITES are rejigged
    // to match legacy i.e. the platform/provider
    //
    // Opting for 2 here and keeping MODERN_TLS in line with secure browsers.
    cipherSuitesAsString.intersect(socketEnabledCipherSuites, CipherSuite.ORDER_BY_NAME)
  } else {
    socketEnabledCipherSuites
  }

internal fun MediaType?.chooseCharset(): Pair<Charset, MediaType?> {

///

## `HTTPSRedirectMiddleware` { #httpsredirectmiddleware }

Enforces that all incoming requests must either be `https` or `wss`.

Any incoming request to `http` or `ws` will be redirected to the secure scheme instead.

{* ../../docs_src/advanced_middleware/tutorial001.py hl[2,6] *}

## `TrustedHostMiddleware` { #trustedhostmiddleware }

   *
   * @deprecated If you must interoperate with a system that requires MD5, then use this method,
   *     despite its deprecation. But if you can choose your hash function, avoid MD5, which is
   *     neither fast nor secure. As of January 2017, we suggest:
   *     <ul>
   *       <li>For security:
   *           {@link Hashing#sha256} or a higher-level API.
   *       <li>For speed: {@link Hashing#goodFastHash}, though see its docs for caveats.

	stsEndpointURL, err := url.Parse(stsEndpoint)
	if err != nil {
		log.Fatalf("Error parsing sts endpoint: %v", err)
	}
	copts := &minio.Options{
		Creds:  li,
		Secure: stsEndpointURL.Scheme == "https",
	}
	minioClient, err := minio.New(stsEndpointURL.Host, copts)
	if err != nil {
		log.Fatalf("Error initializing client: ", err)
	}

# How to secure access to MinIO on Kubernetes with TLS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)

This document explains how to configure MinIO server with TLS certificates on Kubernetes.

## 1. Prerequisites

- Familiarity with [MinIO deployment process on Kubernetes](https://docs.min.io/community/minio-object-store/operations/deployments/kubernetes.html).

- Kubernetes cluster with `kubectl` configured.

   *
   * @deprecated If you must interoperate with a system that requires MD5, then use this method,
   *     despite its deprecation. But if you can choose your hash function, avoid MD5, which is
   *     neither fast nor secure. As of January 2017, we suggest:
   *     <ul>
   *       <li>For security:
   *           {@link Hashing#sha256} or a higher-level API.
   *       <li>For speed: {@link Hashing#goodFastHash}, though see its docs for caveats.

    title: Auth, user management and more for your B2B product
    img: https://fastapi.tiangolo.com/img/sponsors/propelauth.png
  - url: https://zuplo.link/fastapi-gh
    title: 'Zuplo: Deploy, Secure, Document, and Monetize your FastAPI'
    img: https://fastapi.tiangolo.com/img/sponsors/zuplo.png
  - url: https://liblab.com?utm_source=fastapi
    title: liblab - Generate SDKs from FastAPI

        .build()

    // An example test URL that returns client certificate details.
    val request =
      Request
        .Builder()
        .url("https://prod.idrix.eu/secure/")
        .build()

    client.newCall(request).execute().use { response ->
      if (!response.isSuccessful) throw IOException("Unexpected code $response")

      println(response.body.string())
    }
  }
}

     */
    protected InputStream bodyStream;

    /**
     * The compression type for the request.
     */
    protected String compression = null;

    /**
     * The SSL socket factory for secure connections.
     */
    protected SSLSocketFactory sslSocketFactory = null;

    /**
     * The thread pool for executing the request.
     */
    protected ForkJoinPool threadPool;

    /**

		} else {
			mcreds = credentials.NewStaticV4(sa.Credentials.AccessKey, sa.Credentials.SecretKey, "")
		}

		return minio.New(driver.endpoint, &minio.Options{
			Creds:           mcreds,
			Secure:          globalIsTLS,
			Transport:       tr,
			TrailingHeaders: true,
		})
	}

	// ok == true - at this point

	if ui.Credentials.IsTemp() {
		// Temporary credentials are not allowed.