</magic>
  </mime-type>
  <mime-type type="application/x-pkcs12">
    <glob pattern="*.p12"/>
    <glob pattern="*.pfx"/>
  </mime-type>
  <mime-type type="application/x-pkcs7-certificates">
    <glob pattern="*.p7b"/>
    <glob pattern="*.spc"/>
  </mime-type>
  <mime-type type="application/x-pkcs7-certreqresp">
    <glob pattern="*.p7r"/>
  </mime-type>

import java.io.IOException
import java.net.InetAddress
import java.net.UnknownHostException
import java.security.KeyStore
import java.security.SecureRandom
import java.security.Security
import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import java.util.concurrent.atomic.AtomicInteger
import java.util.logging.Handler
import java.util.logging.Level

        .signedBy(serverCa)
        .addSubjectAlternativeName(server.hostName)
        .build()
    val serverHandshakeCertificates =
      HandshakeCertificates.Builder()
        .addTrustedCertificate(clientCa.certificate)
        .heldCertificate(serverCertificate)
        .build()
    server.useHttps(serverHandshakeCertificates.sslSocketFactory(), false)
    server.enqueue(MockResponse().setBody("abc"))
    server.requestClientAuth()

        .signedBy(serverCa)
        .addSubjectAlternativeName(server.hostName)
        .build()
    val serverHandshakeCertificates =
      HandshakeCertificates.Builder()
        .addTrustedCertificate(clientCa.certificate)
        .heldCertificate(serverCertificate)
        .build()
    server.useHttps(serverHandshakeCertificates.sslSocketFactory())
    server.enqueue(
      MockResponse.Builder()
        .body("abc")

first connect fails. This is necessary for IPv4+IPv6 and services hosted in redundant data
centers. OkHttp supports modern TLS features (TLS 1.3, ALPN, certificate pinning). It can be
configured to fall back for broad connectivity.

Using OkHttp is easy. Its request/response API is designed with fluent builders and immutability. It

* Balanceamento de carga entre _frontend_ e _backend_ com **Traefik**, então você pode ter ambos sob o mesmo domínio, separados por rota, mas servidos por diferentes containers.
* Integração Traefik, incluindo geração automática de certificados **HTTPS** Let's Encrypt.
* GitLab **CI** (integração contínua), incluindo testes _frontend_ e _backend_.

## Full Stack FastAPI Couchbase

* Intégration Traefik, comprenant la génération automatique de certificat **HTTPS** Let's Encrypt.
* GitLab **CI** (intégration continue), comprenant des tests pour le frontend et le backend.

## Full Stack FastAPI Couchbase

	github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 // indirect
	github.com/google/s2a-go v0.1.8 // indirect
	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
	github.com/gorilla/websocket v1.5.3 // indirect
	github.com/hashicorp/errwrap v1.1.0 // indirect

  optional IngressLoadBalancerStatus loadBalancer = 1;
}

// IngressTLS describes the transport layer security associated with an Ingress.
message IngressTLS {
  // hosts is a list of hosts included in the TLS certificate. The values in
  // this list must match the name/s used in the tlsSecret. Defaults to the
  // wildcard host setting for the loadbalancer controller fulfilling this
  // Ingress, if left unspecified.
  // +optional

            .rsa2048()
            .build()
        return@lazy HandshakeCertificates.Builder()
          .heldCertificate(heldCertificate)
          .addTrustedCertificate(heldCertificate.certificate)
          .build()
      }

      init {
        val platformSystemProperty = getPlatformSystemProperty()

        if (platformSystemProperty == JDK9_PROPERTY) {