Security.ssl-pinning
SSL Pinning
1. What's SSL Pinning?
"SSL Pinning is making sure the client checks the server’s certificate against a known copy of that certificate.
Simply bundle your server’s SSL certificate inside your application, and make sure any SSL request first validates
that the server’s certificate exactly matches the bundle’s certificate. " Ref[1]
"The method used to do this is: connection:willSendRequestForAuthenticationChallenge: inside the NSURLConnectionDelegate protocol.
This method gets called when an SSL connection is made, giving you, the programmer, a chance to inspect the authentication
challenge and either proceed or fail." Ref[1]
2. SSL Pinning in AFNetworking
Ref[9], Ref[8]
Reference
1. SSL Pinning for Increased App Security (Read Again) (AAAA)
https://possiblemobile.com/2013/03/ssl-pinning-for-increased-app-security/
2. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
3. ANDROID SSL PINNING USING OKHTTP
https://medium.com/@develodroid/android-ssl-pinning-using-okhttp-ca1239065616
4. SSL Pinning in UWP Apps
http://resources.infosecinstitute.com/ssl-pinning-in-uwp-apps/
5. Exploring SSL Pinning on iOS
https://nabla-c0d3.github.io/blog/2013/02/19/ios-pinning/
6. MITM ATTACKS & SSL PINNING: WHAT IS IT AND WHY YOU SHOULD CARE.
https://www.ionic.com/blog/mitm-attacks-ssl-pinning-what-is-it-and-why-you-should-care/
7. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
8. About Public Key Pinning (To Read)
https://noncombatant.org/2015/05/01/about-http-public-key-pinning/
https://security.stackexchange.com/questions/29988/what-is-certificate-pinning
9. SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production! (To Read)
http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html
10. How to make your iOS apps more secure with SSL pinning (To Read)
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
11. Certificate and Public Key Pinning (To Read)
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning
12. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
13. Certificate Pinning in a Mobile Application
https://blog.netspi.com/certificate-pinning-in-a-mobile-application/
14. How to make your iOS apps more secure with SSL pinning
https://infinum.co/the-capsized-eight/how-to-make-your-ios-apps-more-secure-with-ssl-pinning
15. 验证 HTTPS 请求的证书(五)
https://draveness.me/afnetworking5
16. Android Security: SSL Pinning
https://medium.com/@appmattus/android-security-ssl-pinning-1db8acb6621e
17. Prevent bypassing of SSL certificate pinning in iOS applications
https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing
18. SSL pinning in iOS - Swift edition
https://infinum.co/the-capsized-eight/ssl-pinning-revisited
Security.ssl-pinning的更多相关文章
- 如何使用SSL pinning来使你的iOS APP更加安全
SSL pinning在构建一个高度安全的移动APP上扮演了一个十分重要的角色.然而如今好多用户在使用无线移动设备去访问无数不安全的无线网络. 这篇文章主要覆盖了SSL pinning 技术,来帮助我 ...
- iOS SSL Pinning 保护你的 API
随着互联网的发展,网站全面 https 化已经越来越被重视,做为 App 开发人员,从一开始就让 API 都走 SSL 也是十分必要的.但是光这样就足够了吗? SSL 可以保护线上 API 数据不被篡 ...
- SSLPinning简介,使用Xposed+JustTrustMe来突破SSL Pinning
0x00 前面 如果你是一干Web安全的,当你在测试目前大多数的手机APP应用程序时,你一定遇到过burpsuite无法抓到数据包的情况,开始你以为只是https的问题,但是当你使用了burpsuit ...
- 解决 java 使用ssl过程中出现"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
今天,封装HttpClient使用ssl时报一下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExc ...
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certificatio
场景:Java调用PHP接口,代码部署在服务器上后,调用报错,显示PHP服务器那边证书我这边服务器不信任(我猜的). 异常信息: 2019-08-06 14:00:09,102 [http-nio-4 ...
- 异常信息:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
上周五遇到一个问题,工程本地编译运行正常,打包本地tomcat运行也正常.部署到测试环境报错: 2017-05-05 09:38:11.645 ERROR [HttpPoolClientsUtil.j ...
- 处理Https 异常记录 javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
http://blog.csdn.net/baidu_18607183/article/details/51595330 https://blogs.oracle.com/java-platform- ...
- JAVA_javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
tomcat访问https请求返回: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name at sun.se ...
- SSL handshake alert: unrecognized_name error since upgrade to Java 1.7
今天将jdk从1.6升级到1.7,但是HttpUrlConnection连接https出现问题了. javax.net.ssl.SSLProtocolException: handshake aler ...
随机推荐
- Docker最简教程
本文旨在让你用最短的时间弄懂Docker命令操作,什么虚拟化都太泛泛了,不讲大道理,实践出真知,让你从此的日常开发和工作中在面对Docker时不再茫然失措而是得心应手.本文也不谈安装,我实在认为作为程 ...
- k8s创建pod流程
kubernetes 创建Pod 的 工作流: step.1 kubectl 向 k8s api server 发起一个create pod 请求(即我们使用Kubectl敲一个create pod命 ...
- iframe高度宽度自适应
iframe { width: 100%; height: 100%; border: none; position: inherit; } 网上全是js方法,而且略显臃肿,故找到了一个css方法,宽 ...
- Django自定义模板标签和过滤器
1.创建模板库 在某个APP所在目录下新建包templatetags,然后在其中创建存储标签或者过滤器的的模块,名称随意,例如myfilters.py. 在这个模块中编写相关代码. 注意:templa ...
- 看Spring注解之IOC记录
首先看源码里有些是java的元注解记录的有如下几个: @Inherited注释:指明被注解的类会自动继承.更具体地说,如果定义注解时使用了 @Inherited 标记,然后用定义的注解来标注另一个父类 ...
- pycharm中运行成功的python代码在jenkin中运行问题总结
我们在用selenium+python完成了项目的UI自动化后,一般用jekins持续集成工具来定期运行,python程序在pycharm中编辑运行成功,但在jenkins中运行失败的两个问题,整理如 ...
- 14Linux_BIND-Linux就该这么学
bind 域名解析 域名→ip地址:正向解析 ip地址→域名:反向解析 主服务器:做管理 从服务器:同步 缓存服务器:转发
- Caused by: java.lang.IllegalArgumentException: argument type mismatch
下面是我的报错信息 at org.apache.ibatis.session.defaults.DefaultSqlSession.selectList(DefaultSqlSession.java: ...
- 38_redux_counter应用_react版本
redux的核心API 使用非redux创建: 项目结构: index.js import React from 'react'; import ReactDOM from 'react-dom'; ...
- stylus含有的特性
Stylus 冒号可有可无 分号可有可无 逗号可有可无 括号可有可无 变量 插值(Interpolation) 混合(Mixin) 数学计算 强制类型转换 动态引入 条件表达式 迭代 嵌套选择器 父级 ...