How to implement SSL Certificate Pinning in Native Layer Android programmatically
Question
I have successfully implemented for SSL Certificate Pinning for my Android Studio developed Application.
I am using web services Request and response using XML protocol.
I have done for Java layer ssl pinning in my application,for this pinning purpose, I have used two certificates .crt and .bks files stored in app raw folder.
However, when access to the app was given to the audit team, they broke the SSL Pinning and they are suggesting to use the Native Layer SSL certificate Pinning implementation, instead of Java layer SSL certificate pinning.
I have read this link regarding the implementation of Native Layer SSL Certificate Pinning. But, I did not understand it.
Kindly suggest a good example for native layer pinning.
1 answers
solution1
1 ACCPTED 2018-03-23 06:43:11
Actually, I am using Async Task web services calling for request and response from mobile app to server. In that place, I have implemented SSL Pinning for calling web services request from Mobile App to Server end. This method called for Java Layer SSL Pinning implementation.
For my Audit Team Suggested to use Native layer SSL Pinning, while calling web services from mobile to server req, resp, instead of Java layer SSL Pinning. first, I did not understand that type.
finally, I found it solution, they are suggesting to user for Native layer means, use for Volley, Retrofit Library for web services request and response calling.
They are suggesting to reduce the default async calling with Default Http to hit the web services. Instead of suggesting to use for Volley, Retrofit to use for mobile request and response with SSL Pinning Implementation.
Note: who are all already implemented for SSL, They only easily understand this suggestion.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.