Certificate pinning: App taking old certificate from app data for both android and ios?

Question

We are using Mobilefirst 7.1 for hybrid application. We have implemented certificate pinning in the application. The certificate got expired and we replaced it with the new one. But the application is taking old certificate from Application cache and it is blocking the application to connect to server. After we remove the app cache and app data the application is working fine. Kindly suggest any solution for this?

score 0 · Answer 1 · edited May 23 '17 at 12:25

0

Can you check if you have kept the same public key as before. Otherwise you will have to release a new version with the renewed certificate. Check this link for further details

edited May 23 '17 at 12:25

Community

1
1

answered Feb 16 '17 at 14:34

Srinivas Sama

89
5

We haven't kept the same public key. So we replaced the existing key with new public key. So when the application is downloaded from play store or app store. It is taking the certificate from cached data. – Arun Punnath Feb 17 '17 at 03:07

Certificate pinning: App taking old certificate from app data for both android and ios?

1 Answers1