//
  // Validation requirements:
  //  1. certificate must contain one or more PEM blocks.
  //  2. All PEM blocks must have the "CERTIFICATE" label, contain no headers, and the encoded data
  //   must be a BER-encoded ASN.1 Certificate structure as described in section 4 of RFC5280.
  //  3. Non-PEM content may appear before or after the "CERTIFICATE" PEM blocks and is unvalidated,

  )
  fun keyPair(): KeyPair = keyPair

  /**
   * Returns the certificate encoded in [PEM format][rfc_7468].
   *
   * [rfc_7468]: https://tools.ietf.org/html/rfc7468
   */
  fun certificatePem(): String = certificate.certificatePem()

  /**
   * Returns the private key encoded in [PKCS #8][rfc_5208] [PEM format][rfc_7468].
   *
   * [rfc_5208]: https://tools.ietf.org/html/rfc5208

    // subjectAltName=DNS:localhost.localdomain,DNS:localhost,IP:127.0.0.1
    //
    // $ openssl req -x509 -nodes -days 36500 -subj '/CN=localhost' -config ./cert.cnf \
    //     -newkey rsa:512 -out cert.pem
    val certificate =
      certificate(
        """
        -----BEGIN CERTIFICATE-----
        MIIBWDCCAQKgAwIBAgIJANS1EtICX2AZMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV

					if err != nil {
						return tls.Certificate{}, fmt.Errorf("Unable to decrypt KES client private key as specified by the shell environment: %v", err)
					}
					keyBytes = pem.EncodeToMemory(&pem.Block{Type: privateKeyPEM.Type, Bytes: keyBytes})
				}
				certificate, err := tls.X509KeyPair(certBytes, keyBytes)
				if err != nil {

			verifyTestcaseOutput(t, Cmd(cli.NewFakeContext(nil)), c)
		})
	}
}

var generated = map[string]bool{
	"hosts":         true,
	"istio-token":   true,
	"mesh.yaml":     true,
	"root-cert.pem": true,
	"cluster.env":   true,
}

const goldenSuffix = ".golden"

// TestWorkloadEntryConfigure enumerates test cases based on subdirectories of testdata/vmconfig.

          }

          println(response.body!!.string())
        }
      }

      /**
       * Returns an input stream containing one or more certificate PEM files. This implementation just
       * embeds the PEM files in Java strings; most applications will instead read this from a resource
       * file that gets bundled with the application.
       */

export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_target1="token"
export MINIO_AUDIT_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
export MINIO_AUDIT_WEBHOOK_CLIENT_CERT="/tmp/cert.pem"
export MINIO_AUDIT_WEBHOOK_CLIENT_KEY=="/tmp/key.pem"
minio server /mnt/data
```

Setting this environment variable automatically enables audit logging to the HTTP target. The audit logging is in JSON format as described below.

NOTE:

    }
  },
  "certificates": [
    {
      "identity": "spiffe://cluster.local/ns/istio-system/sa/istiod",
      "state": "Available",
      "certChain": [
        {

MINIO_ETCD_ENDPOINTS value: {{ join "," .Values.etcd.endpoints | quote }} {{- if .Values.etcd.clientCert }} - name: MINIO_ETCD_CLIENT_CERT value: "/etc/credentials/etcd_client_cert.pem" {{- end }} {{- if .Values.etcd.clientCertKey }} - name: MINIO_ETCD_CLIENT_CERT_KEY value: "/etc/credentials/etcd_client_cert_key.pem" {{- end }} {{- if .Values.etcd.pathPrefix }} - name: MINIO_ETCD_PATH_PREFIX value: {{ .Values.etcd.pathPrefix }} {{- end }} {{- if .Values.etcd.corednsPathPrefix }} - name: MINIO_ETCD_COREDNS_PATH...

MINIO_ETCD_ENDPOINTS value: {{ join "," .Values.etcd.endpoints | quote }} {{- if .Values.etcd.clientCert }} - name: MINIO_ETCD_CLIENT_CERT value: "/etc/credentials/etcd_client_cert.pem" {{- end }} {{- if .Values.etcd.clientCertKey }} - name: MINIO_ETCD_CLIENT_CERT_KEY value: "/etc/credentials/etcd_client_cert_key.pem" {{- end }} {{- if .Values.etcd.pathPrefix }} - name: MINIO_ETCD_PATH_PREFIX value: {{ .Values.etcd.pathPrefix }} {{- end }} {{- if .Values.etcd.corednsPathPrefix }} - name: MINIO_ETCD_COREDNS_PATH...