import assertk.assertions.isEqualTo
import assertk.assertions.isNull
import java.io.IOException
import java.security.cert.Certificate
import kotlin.test.assertFailsWith
import okhttp3.Handshake.Companion.handshake
import okhttp3.tls.HeldCertificate
import org.junit.jupiter.api.Test

class HandshakeTest {
  val serverRoot =
    HeldCertificate
      .Builder()
      .certificateAuthority(1)
      .build()
  val serverIntermediate =

	// Fetch TLS key and pem files from test-data/ directory.
	//	dir, _ := os.Getwd()
	//	testDataDir := filepath.Join(filepath.Dir(dir), "test-data")
	//
	//	pemFile := filepath.Join(testDataDir, "server.pem")
	//	keyFile := filepath.Join(testDataDir, "server.key")
	cer, err := tls.X509KeyPair(cert, key)
	if err != nil {
		t.Fatalf("Failed to load certificate: %v", err)
	}
	config := &tls.Config{Certificates: []tls.Certificate{cer}}

```
.
├── app
│   ├── __init__.py
│   └── main.py
├── Dockerfile
└── requirements.txt
```

#### Behind a TLS Termination Proxy { #behind-a-tls-termination-proxy }

import org.mockserver.configuration.Configuration
import org.mockserver.logging.MockServerLogger
import org.mockserver.model.HttpRequest.request
import org.mockserver.model.HttpResponse.response
import org.mockserver.socket.tls.KeyStoreFactory
import org.testcontainers.containers.MockServerContainer
import org.testcontainers.junit.jupiter.Container
import org.testcontainers.junit.jupiter.Testcontainers
import org.testcontainers.utility.DockerImageName

    val keyManager = keyManagerFactory.keyManagers[0] as X509ExtendedKeyManager

    val trustManager = Platform.get().platformTrustManager()

    val sslContext = SSLContext.getInstance("TLS")
    sslContext.init(arrayOf(keyManager), arrayOf(trustManager), SecureRandom())

    val client =
      OkHttpClient
        .Builder()
        .sslSocketFactory(sslContext.socketFactory, trustManager)

  @get:JvmName("message") val message: String,
  /** Returns the HTTP status code. */
  @get:JvmName("code") val code: Int,
  /**
   * Returns the TLS handshake of the connection that carried this response, or null if the
   * response was received without TLS.
   */
  @get:JvmName("handshake") val handshake: Handshake?,
  /** Returns the HTTP headers. */
  @get:JvmName("headers") val headers: Headers,
  /**

HSPLokhttp3/internal/platform/android/DeferredSocketAdapter;->isSupported()Z
HSPLokhttp3/internal/tls/CertificateChainCleaner;-><init>()V
HSPLokhttp3/internal/tls/OkHostnameVerifier;-><clinit>()V
HSPLokhttp3/internal/tls/OkHostnameVerifier;-><init>()V
HSPLokhttp3/internal/tls/OkHostnameVerifier;->asciiToLowercase(Ljava/lang/String;)Ljava/lang/String;
HSPLokhttp3/internal/tls/OkHostnameVerifier;->getSubjectAltNames(Ljava/security/cert/X509Certificate;I)Ljava/util/List;

```
.
├── app
│   ├── __init__.py
│   └── main.py
├── Dockerfile
└── requirements.txt
```

#### Por trás de um Proxy de Terminação TLS { #behind-a-tls-termination-proxy }

    fi
  else
    echo "Svcacct '$SVCACCT' already exists."
  fi
  #clean up credentials files.
  rm -f $MINIO_ACCESSKEY_SECRETKEY_TMP
}

# Try connecting to MinIO instance
{{- if .Values.tls.enabled }}
scheme=https
{{- else }}
scheme=http
{{- end }}
connectToMinio $scheme

{{ if .Values.svcaccts }}
{{ $global := . }}
# Create the svcaccts
{{- range $idx, $svc := .Values.svcaccts }}

		IdleConnTimeout:       timeout,
		TLSHandshakeTimeout:   timeout,
		ExpectContinueTimeout: timeout,
		TLSClientConfig: &tls.Config{
			RootCAs:            globalRootCAs,
			ClientSessionCache: tls.NewLRUClientSessionCache(tlsClientSessionCacheSize),
		},
		DisableCompression: true,
	}
	return updateTransport
}