There are many situations in which you need to notify an error to a client that is using your API.

This client could be a browser with a frontend, a code from someone else, an IoT device, etc.

You could need to tell the client that:

* The client doesn't have enough privileges for that operation.
* The client doesn't have access to that resource.
* The item the client was trying to access doesn't exist.
* etc.

        String s = Config.getProperty("jcifs.smb1.smb.client.TreeConnectAndX.CheckDirectory");

        if (s != null) {
            batchLimits[0] = Byte.parseByte(s);
        }
        if ((s = Config.getProperty("jcifs.smb1.smb.client.TreeConnectAndX.CreateDirectory")) != null) {
            batchLimits[2] = Byte.parseByte(s);
        }
        if ((s = Config.getProperty("jcifs.smb1.smb.client.TreeConnectAndX.Delete")) != null) {

which [TLS versions](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-tls-version/) and [cipher suites](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-cipher-suite/) to offer. A client that wants to maximize connectivity would include obsolete TLS versions and weak-by-design cipher suites. A strict client that wants to maximize security would be limited to only the latest TLS version and strongest cipher suites.

Specific security vs. connectivity decisions are implemented by [Co...

import java.io.IOException;
import okhttp3.Credentials;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public final class Authenticate {
  private final OkHttpClient client;

  public Authenticate() {
    client = new OkHttpClient.Builder()
        .authenticator((route, response) -> {
          if (response.request().header("Authorization") != null) {

 *
 * Read https://community.letsencrypt.org/t/mobile-client-workarounds-for-isrg-issue/137807
 * for background.
 */
@RunWith(AndroidJUnit4.class)
public class LetsEncryptTest {
  @Test public void getFailsWithoutAdditionalCert() throws IOException {
    OkHttpClient client = new OkHttpClient();

    boolean androidMorEarlier = Build.VERSION.SDK_INT <= 23;
    try {
      sendRequest(client, "https://valid-isrgrootx1.letsencrypt.org/robots.txt");

 */
@RunWith(AndroidJUnit4.class)
public class OkHttpClientTest {
  @Test public void get() throws IOException {
    OkHttpClient client = new OkHttpClient();
    Request request = new Request.Builder()
        .url("https://google.com/robots.txt")
        .build();
    try (Response response = client.newCall(request).execute()) {
      assertEquals(200, response.code());
      assertEquals(Protocol.HTTP_2, response.protocol());
    }

import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.Response

class AsynchronousGet {
  private val client = OkHttpClient()

  fun run() {
    val request =
      Request
        .Builder()
        .url("http://publicobject.com/helloworld.txt")
        .build()

    client.newCall(request).enqueue(
      object : Callback {
        override fun onFailure(
          call: Call,

Der erste Teil der Kommunikation besteht lediglich darin, die Verbindung zwischen dem Client und dem Server herzustellen und die zu verwendenden kryptografischen Schlüssel usw. zu vereinbaren.

<img src="/img/deployment/https/https02.drawio.svg">

Diese Interaktion zwischen dem Client und dem Server zum Aufbau der TLS-Verbindung wird als **<abbr title="TLS-Handschlag">TLS-Handshake</abbr>** bezeichnet.

        .build(),
    )
    client =
      client
        .newBuilder()
        .sslSocketFactory(
          handshakeCertificates.sslSocketFactory(),
          handshakeCertificates.trustManager,
        ).hostnameVerifier(NULL_HOSTNAME_VERIFIER)
        .build()
    val request = Request.Builder().url(server.url("/")).build()
    val response1 = client.newCall(request).execute()

public final class PerCallSettings {
  private final OkHttpClient client = new OkHttpClient();

  public void run() throws Exception {
    Request request = new Request.Builder()
        .url("http://httpbin.org/delay/1") // This URL is served with a 1 second delay.
        .build();

    // Copy to customize OkHttp for this request.
    OkHttpClient client1 = client.newBuilder()
        .readTimeout(500, TimeUnit.MILLISECONDS)