else -> true
    }

  override fun buildCertificateChainCleaner(trustManager: X509TrustManager): CertificateChainCleaner =
    AndroidCertificateChainCleaner.buildIfSupported(trustManager) ?: super.buildCertificateChainCleaner(trustManager)

  override fun buildTrustRootIndex(trustManager: X509TrustManager): TrustRootIndex =
    try {

  }

  open fun buildCertificateChainCleaner(trustManager: X509TrustManager): CertificateChainCleaner =
    BasicCertificateChainCleaner(buildTrustRootIndex(trustManager))

  open fun buildTrustRootIndex(trustManager: X509TrustManager): TrustRootIndex = BasicTrustRootIndex(*trustManager.acceptedIssuers)

  open fun newSslSocketFactory(trustManager: X509TrustManager): SSLSocketFactory {
    try {

    other is AndroidCertificateChainCleaner &&
      other.trustManager === this.trustManager

  override fun hashCode(): Int = System.identityHashCode(trustManager)

  companion object {
    @SuppressSignatureCheck
    fun buildIfSupported(trustManager: X509TrustManager): AndroidCertificateChainCleaner? {
      val extensions =
        try {
          X509TrustManagerExtensions(trustManager)
        } catch (iae: IllegalArgumentException) {

      "Unexpected trust managers: ${result.contentToString()}"
    }

    val trustManager = result[0] as X509TrustManager

    return when {
      insecureHosts.isEmpty() -> trustManager
      Platform.isAndroid -> InsecureAndroidTrustManager(trustManager, insecureHosts)
      else -> InsecureExtendedTrustManager(trustManager as X509ExtendedTrustManager, insecureHosts)
    }
  }

  /**

        .connectionSpecs(Collections.singletonList(spec))
        .sslSocketFactory(customSslSocketFactory, trustManager)
        .build();
  }

  /**
   * Returns the VM's default SSL socket factory, using {@code trustManager} for trusted root
   * certificates.
   */
  private SSLSocketFactory defaultSslSocketFactory(X509TrustManager trustManager)
      throws NoSuchAlgorithmException, KeyManagementException {

      builder.callTimeout(callTimeout.toLong(), SECONDS)
    }
    if (allowInsecure) {
      val trustManager = createInsecureTrustManager()
      val sslSocketFactory = createInsecureSslSocketFactory(trustManager)
      builder.sslSocketFactory(sslSocketFactory, trustManager)
      builder.hostnameVerifier(createInsecureHostnameVerifier())
    }
    if (verbose) {

        .addInsecureHost(server.hostName)
        .build()

    val client =
      clientTestRule.newClientBuilder()
        .sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager)
        .build()

    val call = client.newCall(Request(server.url("/")))
    val response = call.execute()
    assertThat(response.code).isEqualTo(200)
    assertThat(response.handshake!!.cipherSuite).isNotNull()

    NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(hostname)

  override fun buildCertificateChainCleaner(trustManager: X509TrustManager): CertificateChainCleaner =
    AndroidCertificateChainCleaner.buildIfSupported(trustManager) ?: super.buildCertificateChainCleaner(trustManager)

  companion object {
    val isSupported: Boolean = isAndroid && Build.VERSION.SDK_INT >= 29

    replaceWith = ReplaceWith(expression = "trustManager"),
    level = DeprecationLevel.ERROR,
  )
  fun trustManager(): X509TrustManager = trustManager

  fun sslSocketFactory(): SSLSocketFactory = sslContext().socketFactory

  fun sslContext(): SSLContext {
    return Platform.get().newSSLContext().apply {
      init(arrayOf<KeyManager>(keyManager), arrayOf<TrustManager>(trustManager), SecureRandom())
    }
  }

      Conscrypt.getApplicationProtocol(sslSocket)
    } else {
      super.getSelectedProtocol(sslSocket)
    }

  override fun newSslSocketFactory(trustManager: X509TrustManager): SSLSocketFactory {
    return newSSLContext().apply {
      init(null, arrayOf<TrustManager>(trustManager), null)
    }.socketFactory
  }

  companion object {
    val isSupported: Boolean =
      try {