.certificateAuthority(0)
        .commonName("compromised intermediate")
        .signedBy(pinnedRoot)
        .build()
    val attackerIntermediate =
      HeldCertificate
        .Builder()
        .keyPair(attackerCa.keyPair) // Share keys between compromised CA and intermediate!
        .serialNumber(4L)
        .certificateAuthority(0) // More intermediates than permitted by signer!
        .commonName("attacker intermediate")

    }

    /**
     * Mark this referral as intermediate (requires further resolution)
     */
    public void intermediate() {
        this.intermediate = true;
    }

    /**
     * @return the intermediate
     */
    @Override
    public boolean isIntermediate() {
        return this.intermediate;
    }

    @Override
    public String toString() {

        }

        @Test
        @DisplayName("Should check if intermediate")
        void testIsIntermediate() {
            // Test with mock
            when(mockReferralData.isIntermediate()).thenReturn(false);
            assertFalse(mockReferralData.isIntermediate());
            verify(mockReferralData, times(1)).isIntermediate();

            // Test with concrete implementation

     *
     * The chain should include all intermediate certificates but does not need the root certificate
     * that we expect to be known by the remote peer. The peer already has that certificate so
     * transmitting it is unnecessary.
     */
    fun heldCertificate(
      heldCertificate: HeldCertificate,
      vararg intermediates: X509Certificate,
    ) = apply {

        GsaConfigException exception = new GsaConfigException("Top level GSA error", intermediateCause);

        assertNotNull(exception);
        assertEquals("Top level GSA error", exception.getMessage());

        // Check first level cause
        assertNotNull(exception.getCause());
        assertEquals("Intermediate problem", exception.getCause().getMessage());

    void testExceptionChaining() {
        // Given
        Exception rootCause = new IllegalStateException("Root error");
        RuntimeCIFSException intermediateCause = new RuntimeCIFSException("Intermediate", rootCause);

        // When
        RuntimeCIFSException finalException = new RuntimeCIFSException("Final error", intermediateCause);

        // Then

representative of real-world HTTPS deployment. To get closer to that we can use `HeldCertificate`
to generate a trusted root certificate, an intermediate certificate, and a server certificate.
We use `certificateAuthority(int)` to create certificates that can sign other certificates. The
int specifies how many intermediate certificates are allowed beneath it in the chain.

```java
HeldCertificate rootCertificate = new HeldCertificate.Builder()

        Exception intermediateCause = new IllegalStateException("Intermediate cause", rootCause);
        ScriptEngineException exception = new ScriptEngineException("Top level error", intermediateCause);

        assertEquals("Top level error", exception.getMessage());
        assertEquals(intermediateCause, exception.getCause());
        assertEquals("Intermediate cause", exception.getCause().getMessage());

   *
   * <p>This uses an efficient binary recursive algorithm to compute the factorial with balanced
   * multiplies. It also removes all the 2s from the intermediate products (shifting them back in at
   * the end).
   *
   * @throws IllegalArgumentException if {@code n < 0}
   */
  public static BigInteger factorial(int n) {
    checkNonNegative("n", n);

    }

    @Test
    public void testExceptionChaining() {
        IOException rootCause = new IOException("Root cause");
        RuntimeException intermediateCause = new RuntimeException("Intermediate", rootCause);
        CurlException exception = new CurlException("Final message", intermediateCause);

        assertEquals("Final message", exception.getMessage());