certificate.

The trusted roots don't need to be the same for client and server when using client authentication.
Clients might rely on the platform certificates and servers might use a private
organization-specific certificate authority.

By default `HeldCertificate` instances expire after 24 hours. Use `duration()` to adjust.

 *    root certificates that is distributed with the HTTP client or its platform. It may be
 *    augmented by certificates private to an organization or service.
 *
 * ### Client Authentication
 *
 * This is authentication of the client by the server during the TLS handshake. Client
 * authentication is optional.
 *
 * To perform client authentication:
 *

  // sufficient to connect to most HTTPS sites including https://godaddy.com and https://visa.com.
  // Typically developers will need to get a PEM file from their organization's TLS administrator.
  final X509Certificate comodoRsaCertificationAuthority = Certificates.decodeCertificatePem(""
      + "-----BEGIN CERTIFICATE-----\n"

  // sufficient to connect to most HTTPS sites including https://godaddy.com and https://visa.com.
  // Typically developers will need to get a PEM file from their organization's TLS administrator.
  val comodoRsaCertificationAuthority =
    """
    -----BEGIN CERTIFICATE-----
    MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB

                  ),
                ),
                listOf(
                  AttributeTypeAndValue(
                    type = businessCategory,
                    value = "Private Organization",
                  ),
                ),
                listOf(
                  AttributeTypeAndValue(
                    type = serialNumber,
                    value = "4699855",
                  ),

cbre

// cbs : 2015-08-06 CBS Domains Inc.
cbs

// center : 2013-11-07 Binky Moon, LLC
center

// ceo : 2013-11-07 CEOTLD Pty Ltd
ceo

// cern : 2014-06-05 European Organization for Nuclear Research ("CERN")
cern

// cfa : 2014-08-28 CFA Institute
cfa

// cfd : 2014-12-11 ShortDot SA
cfd

// chanel : 2015-04-09 Chanel International B.V.
chanel

 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their