Handle site certificate expiry with OkHttp Certificate pinning on Android
Date : March 29 2020, 07:55 AM
|
OkHttp3, Retrofit and certificate pinning: how to give an expiration to the pinning
Date : March 29 2020, 07:55 AM
I hope this helps you . Is there a method to tell OkHpttp3/Retrofit to have the desired behaviour? OkHttpClient.Builder = new OkHttpClient.Builder();
if (applyPins()) {
CertificatePinner certificatePinner = new CertificatePinner.Builder()
.add("dummy.com", "sha256/xxxxxxxxxx=")
.build();
builder..certificatePinner(certificatePinner);
}
OkHttpClient httpClient = builder
.callTimeout(240, TimeUnit.SECONDS)
.readTimeout(240, TimeUnit.SECONDS)
.retryOnConnectionFailure(true)
.build();
Retrofit retrofitKripton = new Retrofit.Builder()
.baseUrl(baseUrl)
.addConverterFactory(KriptonBinderConverterFactory.create())
.addConverterFactory(ScalarsConverterFactory.create())
.client(httpClient).build();
|
What would happen if I renew my server certificate and my application is doing certificate pinning?
Date : March 29 2020, 07:55 AM
help you fix your problem If you're pinning the leaf certificate, you will need to update your app with the new leaf certificate or pinning will fail. You can ship both the old and new certificates with the app at the same time and pinning should continue to work just fine.
If you're pinning the public key or one of the branch certificates, and you can verify those items aren't changing with the new certificate, you may not need to do anything.
|
SocketRocket After trying to install socketrocket so that I can make PonyDebugger work, I'm getting 3 Apple Match-O link
Date : March 29 2020, 07:55 AM
|
Certificate Pinning - Generate SHA256 Pinning Key from Certificate .crt file
Date : March 29 2020, 07:55 AM
wish helps you This is what you're looking for. Make sure you have the latest version of openssl
|
Boards Message :
Related QUESTIONS :