],
      "X-Amz-Content-Sha256": [
        "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
      ],
      "X-Amz-Date": [
        "20220507T183141Z"
      ],
      "authType": [
        "REST-HEADER"
      ],
      "principaltype": [
        "Account"
      ],
      "signatureversion": [
        "AWS4-HMAC-SHA256"
      ],
      "userid": [
        "minio"

	servernamep, err := syscall.UTF16PtrFromString(strings.TrimSuffix(opts.DNSName, "."))
	if err != nil {
		return err
	}
	sslPara := &syscall.SSLExtraCertChainPolicyPara{
		AuthType:   syscall.AUTHTYPE_SERVER,
		ServerName: servernamep,
	}
	sslPara.Size = uint32(unsafe.Sizeof(*sslPara))

	para := &syscall.CertChainPolicyPara{
		ExtraPolicyPara: (syscall.Pointer)(unsafe.Pointer(sslPara)),

        @Throws(CertificateException::class)
        override fun checkClientTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) = throw CertificateException()

        override fun checkServerTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) = throw AssertionError()

        override fun getAcceptedIssuers(): Array<X509Certificate> = throw AssertionError()

}

type CertChainPolicyPara struct {
	Size            uint32
	Flags           uint32
	ExtraPolicyPara Pointer
}

type SSLExtraCertChainPolicyPara struct {
	Size       uint32
	AuthType   uint32
	Checks     uint32
	ServerName *uint16
}

type CertChainPolicyStatus struct {
	Size              uint32
	Error             uint32
	ChainIndex        uint32
	ElementIndex      uint32

			}
			if c.secType != SecretTypeConfig {
				c.secType = SecretTypeRemote
			}
			opts := RemoteSecretOptions{
				ServiceAccountName: testServiceAccountName,
				AuthType:           RemoteSecretAuthTypeBearerToken,
				// ClusterName: testCluster,
				KubeOptions: KubeOptions{
					Namespace: testNamespace,
				},
				Type:       c.secType,
				SecretName: c.secretName,
			}

	/* CertGetNameString flags */
	CERT_NAME_ISSUER_FLAG              = 0x1
	CERT_NAME_DISABLE_IE4_UTF8_FLAG    = 0x10000
	CERT_NAME_SEARCH_ALL_NAMES_FLAG    = 0x2
	CERT_NAME_STR_ENABLE_PUNYCODE_FLAG = 0x00200000

	/* AuthType values for SSLExtraCertChainPolicyPara struct */
	AUTHTYPE_CLIENT = 1
	AUTHTYPE_SERVER = 2

	/* Checks values for SSLExtraCertChainPolicyPara struct */
	SECURITY_FLAG_IGNORE_REVOCATION        = 0x00000080

     *
     * ```java
     *    @SuppressWarnings("unused")
     *    public List<X509Certificate> checkServerTrusted(
     *        X509Certificate[] chain, String authType, String host) throws CertificateException {
     *    }
     * ```
     *
     * This method works like [X509TrustManager.checkServerTrusted] but it receives the hostname of

    override fun checkClientTrusted(
      chain: Array<X509Certificate>,
      authType: String,
    ) {
      calls.add("checkClientTrusted " + certificatesToString(chain))
    }

    override fun checkServerTrusted(
      chain: Array<X509Certificate>,
      authType: String,
    ) {
      calls.add("checkServerTrusted " + certificatesToString(chain))
    }

		{"SO_USER_COOKIE", Const, 1},
		{"SO_VENDOR", Const, 3},
		{"SO_WANTMORE", Const, 0},
		{"SO_WANTOOBFLAG", Const, 0},
		{"SSLExtraCertChainPolicyPara", Type, 0},
		{"SSLExtraCertChainPolicyPara.AuthType", Field, 0},
		{"SSLExtraCertChainPolicyPara.Checks", Field, 0},
		{"SSLExtraCertChainPolicyPara.ServerName", Field, 0},
		{"SSLExtraCertChainPolicyPara.Size", Field, 0},
		{"STANDARD_RIGHTS_ALL", Const, 0},