Related
lifeisfoo How to pin certificate to NSURLSession in Swift? The OWASP website only contains an example of Objective-C and NSURLConnection. lifeisfoo Swift 3+ update: Just define a delegate class for NSURLSessionDelegateit and implement the didReceiveChallenge f
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and I have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL cert
Milov I am trying to do SSL pinning in my application. After all the guides I got this: AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
policy.allowInvalidCertificates = YES;
NSData *localCertificate = [NSData d
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL certif
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and I have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL cert
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and I have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL cert
bob Has anyone seen a way to pin Alamofire with a fingerprint instead of a public key? Sorry if answered, I didn't look anywhere. thanks bob The end result is simple. The code below may not be perfect, my real code is doing some additional checks, but that's j
IHC_Applroid I would like to know how the regular SSL protocol is different from SSL pinning. By setting https, we can encrypt requests using SSL. Someone with a moderate attack will not be able to see the original payload. I also know that SSL pinning is anot
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and I have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL cert
Chris This issue is related to the use of SSL pinning in client applications for web api and certificate expiry. Scenario : I own example.com, and I have a subdomain hosting the api , for example: api.example.com I wish to use the api over SSL , so an SSL cert
grace This is the C++ code I use in Obj-C and JAVA projects. string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_ea
grace This is the C++ code I use in Obj-C and JAVA projects. string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_ea
grace This is the C++ code I use in Obj-C and JAVA projects. string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_ea
grace This is the C++ code I use in Obj-C and JAVA projects. string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_ea
lex hobbit I have installed and configured sslsplitand generated the root certificate and added it to my phone (Android). How to detect SSL pinning? funk soul bro When you put a proxy between the mobile device and the server it communicates with, applications
Malodin How to SSL key pinningprevent MITM attackssome people CAfrom being threatened? What I've learned comprising CAis that the private key is compromised and attackers can easily get symmetric keyused to encrypting data. am i right? Another thing, how do we
lex hobbit I have installed and configured sslsplitand generated the root certificate and added it to my phone (Android). How to detect SSL pinning? funk soul bro When you put a proxy between the mobile device and the server it communicates with, applications
Malodin How to SSL key pinningprevent MITM attackssome people CAfrom being threatened? What I've learned comprising CAis that the private key is compromised and attackers can easily get symmetric keyused to encrypting data. am i right? Another thing, how do we
Malodin How to SSL key pinningprevent MITM attackssome people CAfrom being threatened? What I've learned comprising CAis that the private key is compromised and attackers can easily get symmetric keyused to encrypting data. am i right? Another thing, how do we
lex hobbit I have installed and configured sslsplitand generated the root certificate and added it to my phone (Android). How to detect SSL pinning? funk soul bro When you put a proxy between the mobile device and the server it communicates with, applications
Mohandis Bharat We are using Flutter for app development. Our security testers said we need to disable SSL Pinning in the Flutter code so they can run some tests. We can't. We use the Dio package for HTTP requests. How do we disable SSL Pinning on Flutter? Aki
Andy: I'm trying to use Secure Sockets Layer (HTTPS) to connect to a PHP script in Java, but I've found that for maximum security/validity I have to import the SSL certificate used by the website into my application. ..I do not know what to do. If it helps, my
iOS Monkey I understand how SSL works, but my question is more about the storage of certificates on the client side. To understand the exact context, let's assume I'm writing my own browser. My rendering part will be done by WebKit and the HTTP request handlin
iOS Monkey I understand how SSL works, but my question is more about the storage of certificates on the client side. To understand the exact context, let's assume I'm writing my own browser. My rendering part will be done by WebKit and the HTTP request handlin
Sam Recently purchased an SSL certificate, but the site doesn't seem to be able to load the site CSS. Here is the link https://www.rentpayment.com/ By looking at the console error message this seems to be the problem: <link rel="stylesheet" href="http://www.re
Andy: I'm trying to use Secure Sockets Layer (HTTPS) to connect to a PHP script in Java, but I've found that for maximum security/validity I have to import the SSL certificate used by the website into my application. ..I do not know what to do. If it helps, my
O. Shekri Raz Today I installed a free ssl certificate on my website and it was easy, but I have some questions about it. FreeSSL returned three files: "private.key", "certificate.crt", "ca_bundle.crt". So there are my questions: 1) Who does this private key b
iOS Monkey I understand how SSL works, but my question is more about the storage of certificates on the client side. To understand the exact context, let's assume I'm writing my own browser. My rendering part will be done by WebKit and the HTTP request handlin
Eric Sometimes I use elink for web browsing and it happens that some HTTP sites fail to load due to it SSL error. An example is https://www.rust-lang.org , which doesn't load in elink but works fine on other browsers like Chrome and firefox. Checking the https