.addSubjectAlternativeName("*.wildcard.com")
        .addSubjectAlternativeName("differentdns.com")
        .build()
    serverIps = Dns.SYSTEM.lookup(server.hostName)
    dns[server.hostName] = serverIps
    dns["san.com"] = serverIps
    dns["nonsan.com"] = serverIps
    dns["www.wildcard.com"] = serverIps
    dns["differentdns.com"] = listOf()
    val handshakeCertificates =
      HandshakeCertificates
        .Builder()

        }

        List<Server> servers = settings.getServers();

        if (servers != null) {
            Set<String> serverIds = new HashSet<>();

            for (int i = 0; i < servers.size(); i++) {
                Server server = servers.get(i);

                validateStringNotEmpty(problems, "servers.server[" + i + "].id", server.getId(), null);

                if (!serverIds.add(server.getId())) {

 * that they own the hostnames that they represent. Server authentication is required.
 *
 * To perform server authentication:
 *
 *  * The server's handshake certificates must have a [held certificate][HeldCertificate] (a
 *    certificate and its private key). The certificate's subject alternative names must match the

Recommendations
---------------

Typically servers need a held certificate plus a chain of intermediates. Servers only need the
private key for their own certificate. The chain served by a server doesn't need the root
certificate.

The trusted roots don't need to be the same for client and server when using client authentication.
Clients might rely on the platform certificates and servers might use a private

 *     .build();
 * ```
 *
 * The proxy authenticator may implement preemptive authentication, reactive authentication, or
 * both.
 *
 * Applications may configure OkHttp with an authenticator for origin servers, or proxy servers,
 * or both.
 *
 * ## Authentication Retries
 *
 * If your authentication may be flaky and requires retries you should apply some policy

If you are paying for 3 servers but you are using only a little bit of their RAM and CPU, you are probably **wasting money** 💸, and probably **wasting server electric power** 🌎, etc.

In that case, it could be better to have only 2 servers and use a higher percentage of their resources (CPU, memory, disk, network bandwidth, etc).

class DefaultSettingsDecryptionResult implements SettingsDecryptionResult {

    private List<Server> servers;

    private List<Proxy> proxies;

    private List<SettingsProblem> problems;

    DefaultSettingsDecryptionResult(List<Server> servers, List<Proxy> proxies, List<SettingsProblem> problems) {
        this.servers = (servers != null) ? servers : new ArrayList<>();
        this.proxies = (proxies != null) ? proxies : new ArrayList<>();

# Erasure code sizing guide

## Toy Setups

Capacity constrained environments, MinIO will work but not recommended for production.

| servers | drives (per node) | stripe_size | parity chosen (default) | tolerance for reads (servers) | tolerance for writes (servers) |
|--------:|------------------:|------------:|------------------------:|------------------------------:|-------------------------------:|

        MavenExecutionRequest request = new DefaultMavenExecutionRequest();
        request.setLocalRepository(getLocalRepository());
        List<Server> servers = new ArrayList<>();
        servers.add(server);
        request.setServers(servers);

        DefaultRepositorySystemSessionFactory systemSessionFactory = new DefaultRepositorySystemSessionFactory(
                aetherRepositorySystem,

@Deprecated(since = "4.0.0")
public interface SettingsDecryptionRequest {

    /**
     * Gets the servers whose passwords should be decrypted.
     *
     * @return The servers to decrypt, never {@code null}.
     */
    List<Server> getServers();

    /**
     * Sets the servers whose passwords should be decrypted.
     *
     * @param servers The servers to decrypt, may be {@code null}.
     * @return This request, never {@code null}.
     */