.build();
```

With a server that holds a certificate and a client that trusts it we have enough for an HTTPS
handshake. The best part of this example is that we don't need to make our test code insecure with a
a fake `HostnameVerifier` or `X509TrustManager`.

Certificate Authorities
-----------------------

The above example uses a self-signed certificate. This is convenient for testing but not

   * system does not support {@link SecureDirectoryStream}).
   *
   * <p><b>Warning:</b> On a file system that supports symbolic links, it is possible for an
   * insecure recursive delete to delete files and directories that are <i>outside</i> the directory
   * being deleted. This can happen if, after checking that a file is a directory (and not a

     * gaps. For example, an insecure TLS connection is capable of negotiating HTTP/2 with ALPN and
     * it also has a regular-looking handshake.
     *
     * **This feature is not supported on Android API levels less than 24.** Prior releases lacked
     * a mechanism to trust some hosts and not others.
     *
     * @param hostname the exact hostname from the URL for insecure connections.
     */

        DuplicateHost host2 = new DuplicateHost();
        host2.setRegularName("secure.example.com");
        host2.setDuplicateHostName("www.example.com");
        helper.duplicateHostList.add(host2);

        String url = "http://example.com/test";
        String result = helper.convert(url);

        assertEquals("http://secure.example.com/test", result);
    }

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3

/**
 * Versions of TLS that can be offered when negotiating a secure socket. See
 * [javax.net.ssl.SSLSocket.setEnabledProtocols].
 */
enum class TlsVersion(
  @get:JvmName("javaName") val javaName: String,
) {
  TLS_1_3("TLSv1.3"), // 2016.
  TLS_1_2("TLSv1.2"), // 2008.

#                                                     Tomcat
#                                                     ------
tomcat.URIEncoding = UTF-8
tomcat.useBodyEncodingForURI = true
#tomcat.secure=false
#tomcat.scheme=http
#tomcat.bindAddress=127.0.0.1
#tomcat.proxyPort=

 * as a single request/response exchange.
 *
 * ## Modern TLS
 *
 * There are trade-offs when selecting which options to include when negotiating a secure connection
 * to a remote host. Newer TLS options are quite useful:
 *
 *  * Server Name Indication (SNI) enables one IP address to negotiate secure connections for
 *    multiple domain names.
 *
 *  * Application Layer Protocol Negotiation (ALPN) enables the HTTPS port (443) to be used to

        .build()

    // An example test URL that returns client certificate details.
    val request =
      Request
        .Builder()
        .url("https://prod.idrix.eu/secure/")
        .build()

    client.newCall(request).execute().use { response ->
      if (!response.isSuccessful) throw IOException("Unexpected code $response")

      println(response.body.string())
    }
  }
}

   *
   * [rfc_7540_34]: https://datatracker.ietf.org/doc/html/rfc7540#autoid-10
   */
  H2_PRIOR_KNOWLEDGE("h2_prior_knowledge"),

  /**
   * QUIC (Quick UDP Internet Connection) is a new multiplexed and secure transport atop UDP,
   * designed from the ground up and optimized for HTTP/2 semantics. HTTP/1.1 semantics are layered
   * on HTTP/2.
   *

@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface Secured {
    /**
     * Returns the list of security configuration attributes (e.g. ROLE_USER, ROLE_ADMIN).
     *
     * @return String[] The secure method attributes
     */
    String[] value();