builder.put(Constants.FESEN_PASSWORD, password);
        }
        final String authorities = fessConfig.getFesenHttpSslCertificateAuthorities();
        if (StringUtil.isNotBlank(authorities)) {
            builder.put("http.ssl.certificate_authorities", authorities);
        }
        return new HttpClient(builder.build(), null);
    }

        final String authorities = fessConfig.getFesenHttpSslCertificateAuthorities();
        if (StringUtil.isNotBlank(authorities)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Loading certificate_authorities: path={}", authorities);
            }
            try (final InputStream in = new FileInputStream(authorities)) {

signs the other party's chain.

Well-Known Certificate Authorities
----------------------------------

In these examples we've prearranged which root certificates to trust. But for regular HTTPS on the
Internet this set of trusted root certificates is usually provided by default by the host platform.
Such a set typically includes many root certificates from well-known certificate authorities like
Entrust and Verisign.

    /**
     * Checks whether the SID is empty (no sub-authorities).
     *
     * @return whether the SID is empty (no sub-authorities)
     */
    public boolean isEmpty() {
        return this.sub_authority_count == 0;
    }

    /**
     * Checks whether the SID is blank (all sub-authorities zero).
     *
     * @return whether the SID is blank (all sub-authorities zero)
     */
    public boolean isBlank() {

        assertEquals(32, sid.sub_authority[0]);
        assertEquals(544, sid.sub_authority[1]);
        assertEquals(adminSidString, sid.toString());
    }

    /**
     * Test byte array constructor with too many sub-authorities.
     */
    @Test
    void testByteArrayConstructorTooManySubAuthorities() {
        byte[] badSid = new byte[10];
        badSid[1] = 101; // sub_authority_count > 100

        SMBUtil.writeInt4(44, testBuffer, 8); // group offset
        SMBUtil.writeInt4(0, testBuffer, 12); // SACL offset
        SMBUtil.writeInt4(0, testBuffer, 16); // DACL offset

        // Owner SID with 3 sub-authorities (S-1-5-21-X-Y-Z)
        testBuffer[20] = 0x01; // revision
        testBuffer[21] = 0x03; // sub-authority count
        testBuffer[22] = 0x00; // identifier authority
        testBuffer[23] = 0x00;

            // Default constructor
        }

        /**
         * The revision level of the SID structure.
         */
        public byte revision;
        /**
         * The number of sub-authorities in this SID.
         */
        public byte sub_authority_count;
        /**
         * The identifier authority value (6 bytes).
         */
        public byte[] identifier_authority;
        /**

         */
        public sid_t() {
            // Default constructor
        }

        /** The revision level of the SID structure */
        public byte revision;
        /** The number of sub-authorities in the SID */
        public byte sub_authority_count;
        /** The identifier authority value (6 bytes) */
        public byte[] identifier_authority;
        /** The array of sub-authority values */

            builder.put(Constants.FESEN_PASSWORD, password);
        }
        final String authorities = fessConfig.getFesenHttpSslCertificateAuthorities();
        if (StringUtil.isNotBlank(authorities)) {
            builder.put("http.ssl.certificate_authorities", authorities);
        }
        return new HttpClient(builder.build(), null);
    }

    /**

     * connections rely on only the [SSL socket factory][sslSocketFactory] to establish trust.
     * Pinning certificates avoids the need to trust certificate authorities.
     */
    fun certificatePinner(certificatePinner: CertificatePinner) =
      apply {
        if (certificatePinner != this.certificatePinner) {
          this.routeDatabase = null
        }