Security.ssl-pinning
SSL Pinning
1. What's SSL Pinning?
"SSL Pinning is making sure the client checks the server’s certificate against a known copy of that certificate.
Simply bundle your server’s SSL certificate inside your application, and make sure any SSL request first validates
that the server’s certificate exactly matches the bundle’s certificate." Ref[1]
"The method used to do this is: connection:willSendRequestForAuthenticationChallenge: inside the NSURLConnectionDelegate protocol.
This method gets called when an SSL connection is made, giving you, the programmer, a chance to inspect the authentication
challenge and either proceed or fail." Ref[1]
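The check described above, written out as a delegate. This is an added example, not code from this page or from Ref[1]; the class name PinnedConnectionDelegate and the bundled file server.cer are assumptions, and it uses the NSURLConnection-era Security framework calls that match the delegate method named in the quote.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Added example. PinnedConnectionDelegate and "server.cer" are assumed names.
@interface PinnedConnectionDelegate : NSObject <NSURLConnectionDelegate>
@end

@implementation PinnedConnectionDelegate

- (void)connection:(NSURLConnection *)connection
willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSURLProtectionSpace *space = challenge.protectionSpace;
    // Only server-trust challenges carry a certificate chain to inspect.
    if (![space.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        [challenge.sender performDefaultHandlingForAuthenticationChallenge:challenge];
        return;
    }
    SecTrustRef trust = space.serverTrust;

    // Step 1: the standard trust evaluation must still succeed.
    // Pinning is an extra check, not a replacement for validation.
    SecTrustResultType result = kSecTrustResultInvalid;
    OSStatus status = SecTrustEvaluate(trust, &result);
    BOOL chainOK = (status == errSecSuccess) &&
        (result == kSecTrustResultUnspecified || result == kSecTrustResultProceed);

    // Step 2: the leaf certificate's DER bytes must equal the bundled copy.
    // A missing or unreadable bundle file fails closed (pinOK stays NO).
    BOOL pinOK = NO;
    NSString *path = [[NSBundle mainBundle] pathForResource:@"server" ofType:@"cer"];
    NSData *pinned = path ? [NSData dataWithContentsOfFile:path] : nil;
    if (chainOK && pinned != nil && SecTrustGetCertificateCount(trust) > 0) {
        SecCertificateRef leaf = SecTrustGetCertificateAtIndex(trust, 0);
        NSData *serverDER = (__bridge_transfer NSData *)SecCertificateCopyData(leaf);
        pinOK = [serverDER isEqualToData:pinned];
    }

    if (pinOK) {
        // Proceed: hand the validated trust back as the credential.
        [challenge.sender useCredential:[NSURLCredential credentialForTrust:trust]
             forAuthenticationChallenge:challenge];
    } else {
        // Fail: abort the connection instead of falling back to default trust.
        [challenge.sender cancelAuthenticationChallenge:challenge];
    }
}

@end
```

Because the comparison is an exact byte match, the bundled server.cer has to be updated in the app before the server's certificate is rotated, or every connection will be cancelled.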
2. SSL Pinning in AFNetworking
Ref[9], Ref[8]
Reference
1. SSL Pinning for Increased App Security (Read Again) (AAAA)
https://possiblemobile.com/2013/03/ssl-pinning-for-increased-app-security/
2. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
3. ANDROID SSL PINNING USING OKHTTP
https://medium.com/@develodroid/android-ssl-pinning-using-okhttp-ca1239065616
4. SSL Pinning in UWP Apps
http://resources.infosecinstitute.com/ssl-pinning-in-uwp-apps/
5. Exploring SSL Pinning on iOS
https://nabla-c0d3.github.io/blog/2013/02/19/ios-pinning/
6. MITM ATTACKS & SSL PINNING: WHAT IS IT AND WHY YOU SHOULD CARE.
https://www.ionic.com/blog/mitm-attacks-ssl-pinning-what-is-it-and-why-you-should-care/
7. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
8. About Public Key Pinning (To Read)
https://noncombatant.org/2015/05/01/about-http-public-key-pinning/
https://security.stackexchange.com/questions/29988/what-is-certificate-pinning
9. SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production! (To Read)
http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html
10. How to make your iOS apps more secure with SSL pinning (To Read)
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
11. Certificate and Public Key Pinning (To Read)
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
12. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
13. Certificate Pinning in a Mobile Application
https://blog.netspi.com/certificate-pinning-in-a-mobile-application/
14. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
15. 验证 HTTPS 请求的证书(五) (Verifying the Certificate of HTTPS Requests, Part 5)
https://draveness.me/afnetworking5
16. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
17. Prevent bypassing of SSL certificate pinning in iOS applications
https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing
18. SSL pinning in iOS - Swift edition
https://infinum.co/the-capsized-eight/ssl-pinning-revisited