.build()
    val intermediateCa =
      HeldCertificate
        .Builder()
        .signedBy(rootCa)
        .certificateAuthority(0)
        .serialNumber(2L)
        .commonName("intermediate_ca")
        .build()
    val certificate =
      HeldCertificate
        .Builder()
        .signedBy(intermediateCa)
        .serialNumber(3L)
        .commonName(server.hostName)
        .build()

    serverIntermediateCa =
      HeldCertificate
        .Builder()
        .signedBy(serverRootCa)
        .certificateAuthority(0)
        .serialNumber(2L)
        .commonName("intermediate_ca")
        .addSubjectAlternativeName("intermediate_ca.com")
        .build()
    serverCert =
      HeldCertificate
        .Builder()
        .signedBy(serverIntermediateCa)
        .serialNumber(3L)

    }

    /**
     * Set the certificate that will issue this certificate. If unset the certificate will be
     * self-signed.
     */
    fun signedBy(signedBy: HeldCertificate?) =
      apply {
        this.signedBy = signedBy
      }

    /**
     * Set this certificate to be a signing certificate, with up to `maxIntermediateCas`
     * intermediate signing certificates beneath it.

        .certificateAuthority(0)
        .rsa2048()
        .build()
    val leaf =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .ecdsa256()
        .signedBy(root)
        .build()
    assertThat(root.certificate.sigAlgName).isEqualTo("SHA256WITHRSA", ignoreCase = true)
    assertThat(leaf.certificate.sigAlgName).isEqualTo("SHA256WITHRSA", ignoreCase = true)
  }

    val serverCa =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .build()
    val serverCertificate =
      HeldCertificate
        .Builder()
        .signedBy(serverCa)
        .addSubjectAlternativeName(server.hostName)
        .build()
    val serverHandshakeCertificates =
      HandshakeCertificates
        .Builder()

    val root =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .rsa2048()
        .build()
    val certificate =
      HeldCertificate
        .Builder()
        .signedBy(root)
        .rsa2048()
        .build()

    val certificateByteString = certificate.certificate.encoded.toByteString()

    // Valid signature.
    val okHttpCertificate =

    val serverCa =
      HeldCertificate
        .Builder()
        .certificateAuthority(0)
        .build()
    val serverCertificate =
      HeldCertificate
        .Builder()
        .signedBy(serverCa)
        .addSubjectAlternativeName(server.hostName)
        .build()
    val serverHandshakeCertificates =
      HandshakeCertificates
        .Builder()

        .Builder()
        .serialNumber(1L)
        .certificateAuthority(0)
        .commonName("root")
        .build()
    certificate =
      HeldCertificate
        .Builder()
        .signedBy(rootCa)
        .serialNumber(2L)
        .commonName(server.hostName)
        .addSubjectAlternativeName(server.hostName)
        .addSubjectAlternativeName("san.com")
        .addSubjectAlternativeName("*.wildcard.com")

	VMSLTUVI	$17, V2, V3			// ERROR "signed immediate 16 must be in range [-16, 15]"
	VMSLTUVI	$-16, V2, V3			// ERROR "signed immediate -17 must be in range [-16, 15]"
	VMSGEVI		$17, V2, V3			// ERROR "signed immediate 16 must be in range [-16, 15]"
	VMSGEVI		$-16, V2, V3			// ERROR "signed immediate -17 must be in range [-16, 15]"
	VMSGEUVI	$17, V2, V3			// ERROR "signed immediate 16 must be in range [-16, 15]"

		{
			authT: authTypePresigned,
			pass:  true,
		},
		// Test 3 - supported s3 type signed.
		{
			authT: authTypeSigned,
			pass:  true,
		},
		// Test 4 - supported s3 type with post policy.
		{
			authT: authTypePostPolicy,
			pass:  true,
		},
		// Test 5 - supported s3 type with streaming signed.
		{
			authT: authTypeStreamingSigned,
			pass:  true,
		},