Login
    Contenu x
    Integrate SSL pinning
    • 19 Oct 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    Contenu

    Integrate SSL pinning

    • Mis à jour le 19 Oct 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    The SSL pinning feature verifies the public keys of servers before allowing communication. A list of accepted public key of certificates is embedded inside the application, and any HTTPS request to a host that is not pinned will be refused.

    To enable SSL pinning, you need to embed either the SSL certificate or the public key of your server in your mobile application. Upon connection, the client compares the server's certificate or public key against the embedded one. If they match, the connection is established, if they do not match, the connection is terminated.

    You can export a PEM-encoded certificate from a keystore using the keytool with this command:

    keytool -export -alias MyCertificateAlias -keystore MyKeyStore.keystore -rfc -file MyPEMCertificate.pem

    You can export a PEM-encoded certificate using OpenSSL with this command:

    openssl x509 -pubkey -noout -in MyPEMCertificate.pem

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle