This would have the same issue as any naive pin: you can get stuck on an old cert. Their suggestion to expire pins after time X is laughable.
Check out the same source used for the iOS pinning for Android details.
It's much safer and more reliable to pin the root cert instead. Almost the same level of peace of mind, without having to stay ahead of the ever shorter expiry dates. Android permits you to specify that certain root(s) is/are trusted for a domain.
Looks like no third-party libraries are needed;
this can be achieved with a single config: https://developer.android.com/training/articles/security-config#CertificatePinningUpd. We need to be able to update certs: https://github.com/wultra/ssl-pinning-android allows dynamic SSL pinning.
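The two approaches discussed in this thread, written as one Android Network Security Config file (an added example, not code from the thread or from either linked project): a pin-set with an expiration date and a backup pin, next to a per-domain root trust anchor. The domain names, pin values, expiration date and the `@raw/pinned_root_ca` resource name are placeholders chosen for illustration.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- res/xml/network_security_config.xml, referenced from the manifest with
     android:networkSecurityConfig="@xml/network_security_config"
     (platform support starts at Android 7.0 / API 24). -->
<network-security-config>

    <!-- Approach 1: public-key pinning.
         Each pin is the base64 SHA-256 hash of a certificate's
         SubjectPublicKeyInfo. The chain must contain at least one pinned key. -->
    <domain-config>
        <domain includeSubdomains="true">api.example.com</domain>
        <!-- After the expiration date the platform stops enforcing the pins
             and falls back to normal chain validation, so an app that was
             never updated keeps connecting, but without pinning. -->
        <pin-set expiration="2099-01-01">
            <!-- Placeholder: key of the certificate currently deployed -->
            <pin digest="SHA-256">PLACEHOLDER_CURRENT_SPKI_SHA256_BASE64=</pin>
            <!-- Placeholder: backup key held offline, so the server key can
                 be rotated without shipping an app update first -->
            <pin digest="SHA-256">PLACEHOLDER_BACKUP_SPKI_SHA256_BASE64=</pin>
        </pin-set>
    </domain-config>

    <!-- Approach 2: restrict the trusted roots for one domain.
         Only chains ending in the bundled CA certificate are accepted for
         this domain; the system store is not consulted because "system" is
         not listed here. Leaf certificates can be renewed freely as long as
         they chain to this root. -->
    <domain-config>
        <domain includeSubdomains="true">auth.example.com</domain>
        <trust-anchors>
            <!-- Placeholder resource: res/raw/pinned_root_ca (PEM or DER) -->
            <certificates src="@raw/pinned_root_ca"/>
        </trust-anchors>
    </domain-config>

</network-security-config>
```

Both entries are static: changing a pin or the bundled root requires an app update, which is the gap the dynamic-pinning library linked above is meant to address.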