Hi, The explanation about pinning http://developer.android.com/training/articles/security-ssl.html#Pinning and the examples provided closer to the top of the same page http://developer.android.com/training/articles/security-ssl.html#UnknownCa about using a custom TrustManager give a partial example.
You can use openssl to get a copy of the certificate details to embed in your app ( eg read the file from res/raw at runtime to create your TrustManager ) and also implement a HostNameVerifier should your url requests not quite match the details in the certificate(s). eg: openssl s_client -showcerts -connect www.example.com:443 < /dev/null | openssl x509 -outform DER > derp.der - from http://stackoverflow.com/questions/7885785/using-openssl-to-get-the-certificate-from-a-server Regards On Monday, November 23, 2015 at 9:24:54 PM UTC+11, Jags wrote: > > Hi All, > > I am getting data from https server as described below > > > http://developer.android.com/training/articles/security-ssl.html#HttpsExample > > > But I am asked to so certificate pinning in addition to that. Request any > gentle sould to help me with some code snippets on how to do https pinning. > > > Thanks and regards > > Jags > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
