Security.ssl-pinning
SSL Pinning
1. What's SSL Pinning?
"SSL Pinning is making sure the client checks the server’s certificate against a known copy of that certificate.
Simply bundle your server’s SSL certificate inside your application, and make sure any SSL request first validates
that the server’s certificate exactly matches the bundle’s certificate." Ref[1]
"The method used to do this is: connection:willSendRequestForAuthenticationChallenge: inside the NSURLConnectionDelegate protocol.
This method gets called when an SSL connection is made, giving you, the programmer, a chance to inspect the authentication
challenge and either proceed or fail." Ref[1]
2. SSL Pinning in AFNetworking
Ref[9], Ref[8]
Reference
1. SSL Pinning for Increased App Security (Read Again) (AAAA)
https://possiblemobile.com/2013/03/ssl-pinning-for-increased-app-security/
2. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
3. ANDROID SSL PINNING USING OKHTTP
https://medium.com/@develodroid/android-ssl-pinning-using-okhttp-ca1239065616
4. SSL Pinning in UWP Apps
http://resources.infosecinstitute.com/ssl-pinning-in-uwp-apps/
5. Exploring SSL Pinning on iOS
https://nabla-c0d3.github.io/blog/2013/02/19/ios-pinning/
6. MITM ATTACKS & SSL PINNING: WHAT IS IT AND WHY YOU SHOULD CARE.
https://www.ionic.com/blog/mitm-attacks-ssl-pinning-what-is-it-and-why-you-should-care/
7. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
8. About Public Key Pinning (To Read)
https://noncombatant.org/2015/05/01/about-http-public-key-pinning/
https://security.stackexchange.com/questions/29988/what-is-certificate-pinning
9. SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production! (To Read)
http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html
10. How to make your iOS apps more secure with SSL pinning (To Read)
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
11. Certificate and Public Key Pinning (To Read)
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
12. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
13. Certificate Pinning in a Mobile Application
https://blog.netspi.com/certificate-pinning-in-a-mobile-application/
14. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
15. Verifying the Certificates of HTTPS Requests (Part 5)
https://draveness.me/afnetworking5
16. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
17. Prevent bypassing of SSL certificate pinning in iOS applications
https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing
18. SSL pinning in iOS - Swift edition
https://infinum.co/the-capsized-eight/ssl-pinning-revisited