* HAProxy
    * Mit einer externen Komponente wie Certbot für Zertifikat-Erneuerungen
* Kubernetes mit einem Ingress Controller wie Nginx
    * Mit einer externen Komponente wie cert-manager für Zertifikat-Erneuerungen
* Es wird intern von einem Cloud-Anbieter als Teil seiner Dienste verwaltet (siehe unten 👇)

func StartTestTLSServer(t TestErrHandler, instanceType string, cert, key []byte) TestServer {
	// Fetch TLS key and pem files from test-data/ directory.
	//	dir, _ := os.Getwd()
	//	testDataDir := filepath.Join(filepath.Dir(dir), "test-data")
	//
	//	pemFile := filepath.Join(testDataDir, "server.pem")
	//	keyFile := filepath.Join(testDataDir, "server.key")
	cer, err := tls.X509KeyPair(cert, key)
	if err != nil {

	//   │   │
	//   │   ├─ public.crt
	//   │   └─ private.key
	//   └─ foobar.org/
	//      │
	//      ├─ public.crt
	//      └─ private.key
	//   ...
	//
	// Therefore, we read all filenames in the cert directory and check
	// for each directory whether it contains a public.crt and private.key.
	// If so, we try to add it to certificate manager.
	root, err := Open(globalCertsDir.Get())
	if err != nil {

* HAProxy
    * Con un componente externo como Certbot para las renovaciones de certificados
* Kubernetes con un Controlador de Ingress como Nginx
    * Con un componente externo como cert-manager para las renovaciones de certificados
* Manejado internamente por un proveedor de nube como parte de sus servicios (lee abajo 👇)

				"application/pics-rules",
				"application/pidf+xml",
				"application/pidf-diff+xml",
				"application/pkcs10",
				"application/pkcs7-mime",
				"application/pkcs7-signature",
				"application/pkix-cert",
				"application/pkix-crl",
				"application/pkix-pkipath",
				"application/pkixcmp",
				"application/pls+xml",
				"application/poc-settings+xml",
				"application/postscript",

* HAProxy
    * With an external component like Certbot for certificate renewals
* Kubernetes with an Ingress Controller like Nginx
    * With an external component like cert-manager for certificate renewals
* Handled internally by a cloud provider as part of their services (read below 👇)

* HAProxy
    * Com um componente externo como o Certbot para renovações de certificados
* Kubernetes com um controlador Ingress como o Nginx
    * Com um componente externo como cert-manager para renovações de certificados
* Gerenciado internamente por um provedor de nuvem como parte de seus serviços (leia abaixo 👇)

    * Fixed the webhook admission plugin so that webhook author could use the DNS name of the service as the CommonName when generating the server cert for the webhook.
    * Action required:

		"PK\x01\x02\x14\x00\x14\x00\b\b\b\x004\x9d3?\xbfP\x96b\x86\x04\x00\x00\xb2\x06\x00\x00\x11\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9J\x02\x00META-INF/CERT.RSA",
	}
	for i, s := range dirEnts {
		var f File
		err := readDirectoryHeader(&f, strings.NewReader(s))
		if err != nil {

		defer cancel()
		transport, err := s.NewHTTPTransportWithClientCerts(ctx, clientCert, clientKey)
		if err != nil {
			internalLogIf(ctx, fmt.Errorf("Unable to load client key and cert, please check your client certificate configuration: %w", err))
		}
		if transport == nil {
			// Client certs are not readable return default transport.
			return s.NewHTTPTransportWithTimeout(1 * time.Minute)
		}