.build();

    try (Response response = client.newCall(request).execute()) {
      if (!response.isSuccessful()) throw new IOException("Unexpected code " + response);

      for (Certificate certificate : response.handshake().peerCertificates()) {
        System.out.println(CertificatePinner.pin(certificate));
      }
    }
  }

  public static void main(String... args) throws Exception {
    new CertificatePinning().run();
  }

<img src="/img/deployment/https/https01.drawio.svg">

### Início do Handshake TLS { #tls-handshake-start }

O navegador então irá comunicar-se com esse endereço IP na porta 443 (a porta HTTPS).

<img src="/img/deployment/https/https01.drawio.svg">

### Inicio del Handshake TLS { #tls-handshake-start }

El navegador luego se comunicaría con esa dirección IP en el **puerto 443** (el puerto HTTPS).

        .build()
    val request2 = Request.Builder().url(server.url("/")).build()
    val response2 = client.newCall(request2).execute()
    assertThat(response1.handshake).isNotSameAs(
      response2.handshake,
    )
    response2.body.close()
  }

  @Test
  fun unmatchingPinnedCertificate() {
    enableTls()
    server.enqueue(MockResponse())

    assertThat(cache.requestCount()).isEqualTo(2)
    assertThat(cache.networkCount()).isEqualTo(1)
    assertThat(cache.hitCount()).isEqualTo(1)

    assertThat(response.handshake!!.cipherSuite.javaName).startsWith("SLT_")
  }

  @Test
  fun truncatedMetadataEntry() {
    val response =
      testCorruptingCache {
        corruptMetadata {

          }
          throw IOException("Unexpected code $response")
        }
        println(response.body.string())

        for (peerCertificate in response.handshake?.peerCertificates.orEmpty()) {
          println((peerCertificate as X509Certificate).subjectDN)
        }
      }
  }
}

fun main() {
  CustomTrust().run()

<img src="/img/deployment/https/https01.drawio.svg">

### Début de la négociation TLS (Handshake) { #tls-handshake-start }

Le navigateur communiquerait ensuite avec cette adresse IP sur le **port 443** (le port HTTPS).

        .build();

    try (Response response = client.newCall(request).execute()) {
      if (!response.isSuccessful()) throw new IOException("Unexpected code " + response);

      System.out.println(response.handshake().cipherSuite());
      System.out.println(response.body().string());
    }
  }

  public static void main(String... args) throws Exception {
    new CustomCipherSuites().run();
  }

    val response = client.newCall(request).execute()

    response.use {
      assertEquals(200, response.code)
      assertEquals(
        "CN=localhost",
        (response.handshake!!.peerCertificates.single() as X509Certificate).subjectDN.name,
      )
    }
  }

  private fun enableTls() {
    client =
      client
        .newBuilder()
        .sslSocketFactory(

    val response = promise.get(4, SECONDS)

    assertThat(response).isNotNull()

    assertThat(response.body.string()).isNotEmpty()

    if (socketMode is TlsInstance) {
      assertThat(response.handshake!!.tlsVersion).isEqualTo(socketMode.tlsVersion)

      assertThat(acceptedHostName).isEqualTo(hostname)

      if (socketMode.tlsExtensionMode == STANDARD) {