// Produced ClientHello handshake message
          // Consuming ServerHello handshake message
          // Consuming server Certificate handshake message
          // Consuming server CertificateStatus handshake message
          // Found trusted certificate
          // Consuming ECDH ServerKeyExchange handshake message
          // Consuming ServerHelloDone handshake message

    @Override
    public int getContentLength() {
        handshake();
        return this.connection.getContentLength();
    }

    @Override
    public String getContentType() {
        handshake();
        return this.connection.getContentType();
    }

    @Override
    public String getContentEncoding() {
        handshake();
        return this.connection.getContentEncoding();
    }

            handshake();
        } catch (final IOException ex) {}
        return connection.getContentEncoding();
    }

    @Override
    public long getExpiration() {
        try {
            handshake();
        } catch (final IOException ex) {}
        return connection.getExpiration();
    }

    @Override
    public long getDate() {
        try {
            handshake();

            address.url.host,
          )
        }
      this.handshake = handshake

      // Check that the certificate pinner is satisfied by the certificates presented.
      certificatePinner.check(address.url.host) {
        handshake.peerCertificates.map { it as X509Certificate }
      }

      // Success! Save the handshake and the ALPN protocol.
      val maybeProtocol =

      apply {
        this.code = code
      }

    open fun message(message: String) =
      apply {
        this.message = message
      }

    open fun handshake(handshake: Handshake?) =
      apply {
        this.handshake = handshake
      }

    /**
     * Sets the header named [name] to [value]. If this request already has any headers
     * with that name, they are all replaced.
     */

        ),
      ).assertLogMatch(
        Regex(
          """callFailed: \S+(?:SSLProtocolException|SSLHandshakeException|TlsFatalAlert): .*(?:Unexpected handshake message: client_hello|Handshake message sequence violation, 1|Read error|Handshake failed|unexpected_message\(10\)).*""",

    }

    /**
     * Test simple getter methods that should trigger the handshake.
     * We mock a simple 200 OK response to test the handshake is called.
     * @throws IOException
     */
    @Test
    void testGettersTriggerHandshake() throws IOException {
        // Arrange
        // Spy on the connection to verify handshake() is called
        NtlmHttpURLConnection spiedConnection = spy(ntlmConnection);

    // We have a host mismatch. But if the certificate matches, we're still good.
    return !noCoalescedConnections && handshake != null && certificateSupportHost(url, handshake)
  }

  private fun certificateSupportHost(
    url: HttpUrl,
    handshake: Handshake,
  ): Boolean {
    val peerCertificates = handshake.peerCertificates

    return peerCertificates.isNotEmpty() &&

    platform.assumeNotConscrypt()
    platform.assumeNotBouncyCastle()

    val client = makeClient(ConnectionSpec.RESTRICTED_TLS, TlsVersion.TLS_1_2)

    val handshake = makeRequest(client)

    assertThat(handshake.cipherSuite).isIn(*expectedModernTls12CipherSuites.toTypedArray())

    // Probably something like
    // TLS_AES_128_GCM_SHA256
    // TLS_AES_256_GCM_SHA384

  }

  @Test @Disabled
  fun handshake() {
    val handshake: Handshake =
      Handshake.get((localhost().sslSocketFactory().createSocket() as SSLSocket).session)
    val tlsVersion: TlsVersion = handshake.tlsVersion()
    val cipherSuite: CipherSuite = handshake.cipherSuite()
    val peerCertificates: List<Certificate> = handshake.peerCertificates()
    val peerPrincipal: Principal? = handshake.peerPrincipal()