Pinning is the process of associating a host with their expected X509 certificate or public key.
Pinning is the process of associating a host with their expected X509 certificate or public key.
Questions tagged [public-key-pinning]
45 questions
13
votes
1 answer
SSL Pinning using Google Volley
I am starting my question by mentioning what I have tried so far:
I do not have certificate in my app, I am using SHA256 key only, Most of the answer on internet requires physical certificate in app to load it in keystore, I don't have that.
I am…
NaserShaikh
- 1,576
- 2
- 23
- 39
6
votes
1 answer
How to update pinned ssl certificates android
I am implementing SSL pinning in our android app. I have pinned 2 certificates (current and backup) at the client by embedding them in the app.
Now, I want to have a mechanism in place to update these certificates without requiring to roll out an…
ctor
- 805
- 1
- 10
- 26
5
votes
3 answers
iOS TLS/SSL Pinning using NSRequiresCertificateTransparency key in Info.plist
I want to secure my app against man-in-the-middle (mitm) attacks using SSL Pinning.
By default it is possible to use a proxy like Charles or mitmproxy to intercept traffic, and decrypt it using a self-signed certificate.
After extensive research, I…
de.
- 7,068
- 3
- 40
- 69
4
votes
6 answers
add public key pinning in alamofire manger class swift
here is my alamofire manager, how I can add public key pinning on it ? please help me, I couldn't know the way to do it in my code, if possible I need explanation step by step on how do that with AFManager that has all the requests
class AFManager :…
Rooh Al-mahaba
- 594
- 1
- 14
- 28
3
votes
1 answer
How to do SSL public key pinning in flutter/dart?
relatively new to Flutter here (and programming in general). Only familiar with the more basic stuffs but I've now encountered the need to use a CertificatePinner such as this in…
TWH
- 185
- 1
- 2
- 11
3
votes
0 answers
How to implement cert pinning with public keys in Node.js?
Is there an equivalent library like TrustKit that handles cert pinning with public keys hashes for Node? Or an http client that incorporates the pinning like OkHttp does for Android?
Yarn
- 238
- 1
- 12
3
votes
1 answer
Get SecKey from SecCertificate pre iOS 10.3
I need to get public key from certificate
I've found a way to do it on iOS 12+ and iOS 10.3+, but how can I do it on iOS 10.0+?
func publicKey(for certificate: SecCertificate) -> SecKey? {
if #available(iOS 12.0, *) {
return…
Dmytro Rostopira
- 10,588
- 4
- 64
- 86
2
votes
2 answers
Certificate pinning Android with Retrofit
I am implementing ssl pinning in my app and i use leaf node certificate which is for my website in certificate hierarchy.
val certificatePinner = CertificatePinner.Builder()
.add(
BuildConfig.DOMAIN,
…
Mahesh
- 1,257
- 1
- 14
- 24
2
votes
1 answer
How to do SSL public key pinning in Alamofire swift 5
I am trying to integrate SSL public key pinning in Alamofire swift 5, but I found ServerTrustPolicyManager which is deprecated. Please help me to integrate. Thanks.
Bhimashankar
- 55
- 2
- 10
2
votes
1 answer
How to implement SSL Pinning - Public Key Pinning (Not Certificate Pinning) with Moya in Swift?
I went through may blogs on internet but finding issue when implementing it. Blogs like https://betterprogramming.pub/ssl-pinning-with-moya-in-swift-d5a5edae22c2 (using certificate pinning)
Is there anyone who did Public Key Pinning with Moya and…
Renuka Pandey
- 1,730
- 2
- 15
- 27
2
votes
1 answer
There is way to counteract frida toolkit in android app?
in app i use native network security config for public key pinning.
using frida toolkit our security team can bypass pinning.
the question is simple: there is any way to protect against that or not ?
Alessandro Scarozza
- 4,273
- 6
- 31
- 39
2
votes
0 answers
ssl pinning with react native and ios
I want to implement ssl pinning (pinning public key) in my project. To do that, i use react-native-ssl-pinning.
I follow the instructions to install, and it works well with android.
However, on iOS, I always get an error "Cancelled". When run from…
Sylvain
- 509
- 1
- 7
- 17
2
votes
1 answer
How to properly set HPKP header (Public-Key-Pinning Header)?
I am absolutely confused about the header Public-Key-Pinning. How do you add it in Apache?
What I did:
Took the public key hash from my domain cert, intermediate cert and the root certs separately and added this to apache, mod_headers is enabled.…
Example person
- 3,198
- 3
- 18
- 45
2
votes
0 answers
How to use public key pinning instead of certificate pinning
I have been using certificate pinning. But now the requirement is to change to public key pinning. I took the project from someone else. I can implement public key pinning using Trustkit. But If I am going to use TrustKit, I have to change a lot of…
Jack Golden
- 21
- 3
2
votes
1 answer
Subject Publish Key Pinning for HTTPs
I am implementing the SPKI Pinning to my mobile apps and i wonder if the Subject Publish Key will change when I renew it with another CA?
I still use the same CSR to generate the cert. People say that the Public Key will be the same if we use the…
Ryan Ho
- 293
- 1
- 3
- 14