import okhttp3.ConnectionPool
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.tls.internal.TlsUtil.localhost
import org.junit.jupiter.api.Test

/**
 * This single Junit 4 test is our Android test suite on API 21-25.
 */
class SingleAndroidTest {
  private val handshakeCertificates = localhost()

  private var client: OkHttpClient =
    OkHttpClient
      .Builder()
      .sslSocketFactory(

import java.io.IOException;
import java.util.logging.Logger;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public final class LoggingInterceptors {
  private static final Logger logger = Logger.getLogger(LoggingInterceptors.class.getName());
  private final OkHttpClient client = new OkHttpClient.Builder()
      .addInterceptor(new LoggingInterceptor())
      .build();

 * for background.
 */
@RunWith(AndroidJUnit4.class)
public class LetsEncryptTest {
  @Test public void getFailsWithoutAdditionalCert() throws IOException {
    OkHttpClient client = new OkHttpClient();

    boolean androidMorEarlier = Build.VERSION.SDK_INT <= 23;
    try {
      sendRequest(client, "https://valid-isrgrootx1.letsencrypt.org/robots.txt");
      if (androidMorEarlier) {
        fail();

package okhttp3.recipes;

import java.io.IOException;
import java.util.Date;
import okhttp3.Headers;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public final class CurrentDateHeader {
  private final OkHttpClient client = new OkHttpClient.Builder()
      .addInterceptor(new CurrentDateInterceptor())
      .build();

  public void run() throws Exception {

import java.io.IOException;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;

public final class PostString {
  public static final MediaType MEDIA_TYPE_MARKDOWN
      = MediaType.get("text/x-markdown; charset=utf-8");

  private final OkHttpClient client = new OkHttpClient();

  public void run() throws Exception {
    String postBody = ""

    applyStrictMode()

    // Not currently safe
    // See https://github.com/square/okhttp/pull/8248
    OkHttpClient()

    assertThat(violations).hasSize(1)
    assertThat(violations[0].message).isEqualTo("newSSLContext")
  }

  @Test
  fun testNewCall() {
    Platform.resetForTests()

    val client = OkHttpClient()

    applyStrictMode()

    // Safe on main

 */
package okhttp3.recipes;

import java.io.IOException;
import okhttp3.Credentials;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public final class Authenticate {
  private final OkHttpClient client;

  public Authenticate() {
    client = new OkHttpClient.Builder()
        .authenticator((route, response) -> {
          if (response.request().header("Authorization") != null) {

    HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
        .addTrustedCertificate(localhostCertificate.certificate())
        .build();
    OkHttpClient client = new OkHttpClient.Builder()
        .sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager())
        .build();

    Call call = client.newCall(new Request.Builder()

import java.io.IOException;
import okhttp3.Credentials;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public final class PreemptiveAuth {
  private final OkHttpClient client;

  public PreemptiveAuth() {
    client = new OkHttpClient.Builder()
        .addInterceptor(
            new BasicAuthInterceptor("publicobject.com", "jesse", "password1"))

Entrust and Verisign.

This is the behavior you'll get with your OkHttpClient if you don't specifically configure
`HandshakeCertificates`. Or you can do it explicitly with `addPlatformTrustedCertificates()`:

```java
HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
    .addPlatformTrustedCertificates()
    .build();
OkHttpClient client = new OkHttpClient.Builder()