Questions tagged [public-key-pinning]

Pinning is the process of associating a host with its expected X.509 certificate or public key.


45 questions
2
votes
1 answer

Public key pinning in curl does not work without using certificates from the system

I am trying to use libcurl with public-key pinning in order to verify a server's authenticity when downloading a file. Curl is compiled so that it doesn't use any certificates on the system, but only relies on certificates it receives from the…
Claudiu
2
votes
1 answer

Okhttp - Certificate Pinning and Public Key Pinning

I want to improve safety of my Android application. I am using OkHttp version 3. How to: 1) use Certificate Pinning with OkHttp. 2) use Public Key Pinning with OkHttp. When I am doing this: httpClient.certificatePinner(new…
2
votes
1 answer

SSL - Public key pinning confusion

How does SSL key pinning prevent MITM attacks when some CA is compromised? What I understand from compromising a CA is, private keys are compromised and an attacker can easily get the symmetric key used to encrypt data. Am I right? Another thing, if public…
2
votes
1 answer

How can I renew a certbot/letsencrypt certificate with the same keys?

I'm a noob with SSL. I have implemented SSL with certbot/letsencrypt [nginx/Ubuntu 14.04]. I had also done public key SSL pinning on the Android app. Everything is in production and working fine. But once the certificate expires I want to renew…
Harsh Bhikadia
2
votes
1 answer

Public Key pinning with X509TrustManagerExtensions checkServerTrusted

Public key pinning for an HTTPS TLS connection. There is an issue with Android API, below 17, that enables a MITM (Man in the Middle) attack in case of public key pinning. This has been explained in the link…
B.B.
1
vote
1 answer

OkHttp certificatePinner seems not to be working

I need some help, I'm trying to implement SSL pinning on my react-native application (v0.63). I already followed the documentation on the OkHttp GitHub page. Here is the code I made for my application: public class CustomClientFactory implements…
1
vote
0 answers

SSL Pinning in Android with network-security-config

I have this code in my app In res>xml>network_security_config.xml MY_DOMAIN.com
Samuel Adorni
1
vote
1 answer

Best practice for wildcard SSL certificate renewal in Azure, having pinned mobile application

We have the following situation and need advice, since nobody has previous experience with pinned mobile applications. We have one wildcard SSL certificate for the domain, maintained at Azure - *.example.com. There are multiple endpoints that…
1
vote
0 answers

Public Key Pinning not blocking anything

I am trying to implement "Public-Key-Pinning" on my IIS server, but even when I enter a wrong hash, the page is still accessible without any kind of error (tested on Google Chrome). The header is as…
David
0
votes
0 answers

Hilt Singleton how to update Retrofit certificatePinner values at runtime

@Singleton @Provides fun providesHttpClient( logging: HttpLoggingInterceptor, @ApplicationContext context: Context, authenticator: TokenAuthenticator ): OkHttpClient { return OkHttpClient.Builder() .addInterceptor(logging) …
0
votes
1 answer

Extracting SSL certificate or expiry date from public key in Swift iOS

Everyone, I want to implement dynamic SSL pinning. So as to implement it through publicKey, I have to update the publicKey when the certificate against it expires. I have checked third-party libraries like wultra/SSL pinning ios, but it is a little complicated…
0
votes
0 answers

How SSL Pinning gives security

In SSL pinning we have the public key or certificate of the server, which is public to everyone, meaning everyone has that certificate or public key, so how is it secured? Everyone has the key to access the server. I am implementing SSL Pinning in my project that…
0
votes
2 answers

Public Pinning in Android

I am using SSL cert pinning in Retrofit using a sha256 key. But it expires after a certain time. At that time I have to update the applications with a new sha256 key. It is not a reliable practice for customers to update the app every time. How can I…
0
votes
0 answers

SSL public key pinning is not working with HttpClientHandler for Xamarin.iOS, can still be eavesdropped. How do I secure the app against MITM attacks?

I am new to Xamarin Forms and also SSL Pinning. I am looking at an issue regarding SSL pinning in a preexisting app at work. The idea is that, with the server certificate (or public key) pinned, the app should close when a proxy (middle man) is…
0
votes
1 answer

HTTPS - verification of server SSL certificate by the browser

I have one doubt regarding the process of verification of a server's SSL certificate by the web browser (like Firefox/Chrome). I read a lot about mechanisms which minimize the risk of application of misissued CA/intermediate CA certificates (i.e. hacked CA…