diff --git a/examples/SetBucketAcl.java b/examples/SetBucketAcl.java
index f63d64161..f95f4b7cd 100644
--- a/examples/SetBucketAcl.java
+++ b/examples/SetBucketAcl.java
@@ -34,7 +34,7 @@ public static void main(String[] args)
     MinioClient s3Client = new MinioClient("https://s3.amazonaws.com", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY");
 
     // set bucket canned acl
-    s3Client.setBucketAcl("my-bucketname", Acl.PRIVATE);
-    System.out.println("Canned ACL " + Acl.PRIVATE + " is set successfully to my-bucketname");
+    s3Client.setBucketAcl("my-bucketname", Acl.PUBLIC_READ_WRITE);
+    System.out.println("Canned ACL " + Acl.PUBLIC_READ_WRITE + " is set successfully to my-bucketname");
   }
 }
diff --git a/src/main/java/io/minio/MinioClient.java b/src/main/java/io/minio/MinioClient.java
index 7e793b8bc..817278f40 100644
--- a/src/main/java/io/minio/MinioClient.java
+++ b/src/main/java/io/minio/MinioClient.java
@@ -282,21 +282,6 @@ private boolean isValidEndpoint(String endpoint) {
   }
 
 
-  // host style validates if bucket name can be used along with host name.
-  private boolean hostStyle(HttpUrl url, String bucketName) throws InvalidBucketNameException {
-    // Validate bucket name.
-    checkBucketName(bucketName);
-
-    // bucketName can be valid but '.' in the hostname will fail SSL
-    // certificate validation. So do not use host-style for such buckets.
-    if (baseUrl.isHttps() && bucketName.contains(".")) {
-      return false;
-    }
-
-    // For all other cases for Amazon S3 we default to host-style.
-    return baseUrl.host().equals("s3.amazonaws.com");
-  }
-
   // Validates if input bucket name is DNS compatible.
   private void checkBucketName(String name) throws InvalidBucketNameException {
     if (name == null) {
@@ -334,20 +319,30 @@ private Request createRequest(Method method, String bucketName, String objectNam
 
     HttpUrl.Builder urlBuilder = this.baseUrl.newBuilder();
 
-    String host = this.baseUrl.host();
-    if (region != null && host.equals("s3.amazonaws.com")) {
-      host = AwsS3Endpoints.INSTANCE.endpoint(region);
-    }
-    urlBuilder.host(host);
-
     if (bucketName != null) {
-      boolean isHostStyle = hostStyle(baseUrl, bucketName);
+      checkBucketName(bucketName);
+
+      String host = this.baseUrl.host();
+      if (host.equals("s3.amazonaws.com")) {
+        // special case: handle s3.amazonaws.com separately
+        if (region != null) {
+          host = AwsS3Endpoints.INSTANCE.endpoint(region);
+        }
+
+        boolean usePathStyle = false;
+        if (method == Method.PUT && objectName == null && queryParamMap == null) {
+          // use path style for make bucket to workaround "AuthorizationHeaderMalformed" error from s3.amazonaws.com
+          usePathStyle = true;
+        } else if (queryParamMap != null && queryParamMap.containsKey("location")) {
+          // use path style for location query
+          usePathStyle = true;
+        } else if (bucketName.contains(".") && this.baseUrl.isHttps()) {
+          // use path style where '.' in bucketName causes SSL certificate validation error
+          usePathStyle = true;
+        }
 
-      // Special case:
-      // if the request is for s3.amazonaws.com and location query,
-      // use s3.amazonaws.com/BUCKETNAME.
-      if (isHostStyle) {
-        if (queryParamMap != null && queryParamMap.containsKey("location")) {
+        if (usePathStyle) {
+          urlBuilder.host(host);
           urlBuilder.addPathSegment(bucketName);
         } else {
           urlBuilder.host(bucketName + "." + host);