Certificate or Public key pinning slows down Web service response in Android

Asked Jun 22 '16 at 11:37

Active Jun 22 '16 at 11:52

Viewed 364 times

When I perform pinning (certificate / public key) on web services, in Android. I see that the time taken for the app to receive a response from the web service is close to double the time required without pinning.

This is because, the mechanism of pinning first establishes a connection to retrieve the certificates and validate them, and then goes for a second connection (not sure) to retrieve the response, from the server.

NOTE - In Android, it is advisable to use a connection on demand basis rather than a continuous connection to save power and bandwidth, on the device for the end user (unless required)

I would like to know if there is a way to optimise this sequential connections calls?

Example - https://github.com/jiahaoliuliu/pubKeyPinningInAndroid/blob/master/app/src/main/java/org/owasp/pubkeypin/PubKeyManager.java

Thanks in advance.

edited Jun 22 '16 at 11:52

asked Jun 22 '16 at 11:37

B.B.

1

It might help to provide a [mcve] demonstrating how you are implementing the pinning. – CommonsWare Jun 22 '16 at 11:44
http://stackoverflow.com/questions/28667575/pinning-public-key-in-my-app – B.B. Jun 22 '16 at 11:54

Certificate or Public key pinning slows down Web service response in Android

0 Answers0