(the latter if this is not a complete fix) to this comment
+ If referring to a repo other than `golang/go` you can use the
  `owner/repo#issue_number` syntax: `Fixes golang/tools#1234`
+ We do not use Signed-off-by lines in Go. Please don't add them.
  Our Gerrit server & GitHub bots enforce CLA compliance instead.

// signed byte values.
// We compute and return both.
func (b *block) computeChecksum() (unsigned, signed int64) {
	for i, c := range b {
		if 148 <= i && i < 156 {
			c = ' ' // Treat the checksum field itself as all spaces.
		}
		unsigned += int64(c)
		signed += int64(int8(c))
	}
	return unsigned, signed
}

// reset clears the block with all zeros.

 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.cert.X509Certificate

fun interface TrustRootIndex {
  /** Returns the trusted CA certificate that signed [cert]. */
  fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate?

If you didn't sign off your commits before creating the pull request, you can fix that after the fact.

To sign off a single commit:

`git commit --amend --signoff`

To sign off one or multiple commits:

`git rebase --signoff origin/master`

import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.MockWebServer;
import okhttp3.tls.HandshakeCertificates;
import okhttp3.tls.HeldCertificate;

/**
 * Create an HTTPS server with a self-signed certificate that OkHttp trusts.
 */
public class HttpsServer {
  public void run() throws Exception {
    HeldCertificate localhostCertificate = new HeldCertificate.Builder()
        .addSubjectAlternativeName("localhost")

which might be interesting to read and for further discussion.

Getting Started
---------------

+ Make sure you have a [JIRA account](https://issues.apache.org/jira/).
+ Make sure you have a [GitHub account](https://github.com/signup/free).
+ If you're planning to implement a new feature, it makes sense to discuss your changes
  on the [dev list](https://maven.apache.org/mailing-lists.html) first.

ExecStart=${packaging.fess.bin.dir}/fess

# Connects standard output to /dev/null
StandardOutput=null

# Connects standard error to journal
StandardError=journal

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=${packaging.os.max.open.files}

		// TODO: https://github.com/istio/istio/issues/41937
		grpc.WithTransportCredentials(credentials.NewTLS(
			&tls.Config{
				// Always skip verifying, because without it we always get "certificate signed by unknown authority".
				// We don't set the XDSSAN for the same reason.
				InsecureSkipVerify: true,
			})),
		grpc.WithPerRPCCredentials(k8sCreds),
	}, nil

	peerRESTUserTemp        = "user-temp"
	peerRESTPolicy          = "policy"
	peerRESTUserOrGroup     = "user-or-group"
	peerRESTUserType        = "user-type"
	peerRESTIsGroup         = "is-group"
	peerRESTSignal          = "signal"
	peerRESTSubSys          = "sub-sys"
	peerRESTProfiler        = "profiler"
	peerRESTSize            = "size"
	peerRESTConcurrent      = "concurrent"
	peerRESTDuration        = "duration"

		if err != nil {
			return nil, err
		}
		if c != nil {
			c.UpdateReloadDuration(10 * time.Second)
			c.ReloadOnSignal(syscall.SIGHUP) // allow reloads upon SIGHUP
			transport.TLSClientConfig.GetClientCertificate = c.GetClientCertificate
		}
	}
	return transport, nil
}

// NewRemoteTargetHTTPTransport returns a new http configuration