)
        .hostnameVerifier(RecordingHostnameVerifier())
        .certificatePinner(certificatePinner)
        .build()

    // The attacker compromises the root CA, issues an intermediate with the same common name
    // "intermediate_ca" as the good CA. This signs a rogue certificate for localhost. The server
    // serves the good CAs certificate in the chain, which means the certificate pinner sees a