this.intermediates = arrayOf(*intermediates) // Defensive copy.
    }

    /**
     * Add a trusted root certificate to use when authenticating a peer. Peers must provide
     * a chain of certificates whose root is one of these.
     */
    fun addTrustedCertificate(certificate: X509Certificate) =
      apply {
        this.trustedCertificates += certificate
      }

    /**

    keyStoreType: String?,
    heldCertificate: HeldCertificate?,
    vararg intermediates: X509Certificate,
  ): X509KeyManager {
    val keyStore = newEmptyKeyStore(keyStoreType)
    if (heldCertificate != null) {
      val chain = arrayOfNulls<Certificate>(1 + intermediates.size)
      chain[0] = heldCertificate.certificate
      intermediates.copyInto(chain, 1)

  ): Boolean {
    if (toVerify.issuerDN != signingCert.subjectDN) {
      return false
    }
    if (signingCert.basicConstraints < minIntermediates) {
      return false // The signer can't have this many intermediates beneath it.
    }
    return try {
      toVerify.verify(signingCert.publicKey)
      true
    } catch (verifyFailed: GeneralSecurityException) {
      false
    }
  }

representative of real-world HTTPS deployment. To get closer to that we can use `HeldCertificate`
to generate a trusted root certificate, an intermediate certificate, and a server certificate.
We use `certificateAuthority(int)` to create certificates that can sign other certificates. The
int specifies how many intermediate certificates are allowed beneath it in the chain.

```java
HeldCertificate rootCertificate = new HeldCertificate.Builder()

        .Builder()
        .certificateAuthority(1)
        .build()
    val intermediate =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .signedBy(root)
        .build()
    val certificate =
      HeldCertificate
        .Builder()
        .signedBy(intermediate)
        .build()
    val handshakeCertificates =
      HandshakeCertificates

    assertThat(cleaner.clean(list(certificate, intermediateCa), "hostname"))
      .isEqualTo(
        list(certificate, intermediateCa, trusted),
      )
    assertThat(cleaner.clean(list(certificate, intermediateCa, trusted), "hostname"))
      .isEqualTo(
        list(certificate, intermediateCa, trusted),
      )
  }

  @Test
  fun chainMaxLength() {
    val heldCertificates = chainOfLength(10)

  - type: dropdown
    id: author-go-experience
    attributes:
      label: "Go Programming Experience"
      description: "Would you consider yourself a novice, intermediate, or experienced Go programmer?"
      options:
        - "Novice"
        - "Intermediate"
        - "Experienced"
      default: 1

  - type: input
    id: author-other-languages-experience
    attributes:
      label: "Other Languages Experience"

    /**
     * Resources to include with the generated documentation.
     */
    public abstract ConfigurableFileCollection getResources();

    /**
     * Location to stage the intermediate documentation. This is like a working directory.
     */
    public abstract DirectoryProperty getStagingRoot();

    public abstract RegularFileProperty getGeneratedMetaDataFile();

    /**

4. The daemon runs the request, sending back data such as logging output or tooling API events and intermediate models while doing so.
5. The daemon sends the result back. For some requests, this might be a simple success/failure result, and for others this might also include a more complex object, such as a tooling API model.

    /**
     * Source of samples that can be inserted into the user manual
     *
     */
    public abstract DirectoryProperty getSamples();

    /**
     * Working directory for staging directory for intermediate user manual files
     */
    public abstract DirectoryProperty getStagingRoot();

    public abstract DirectoryProperty getStagedDocumentation();

    /**
     * Additional resources to include in the final docs