Menu
How do you update expired ssl certificates if ssl pinning is used on ios apps? It seems like only an app update would enable updating the certificate but then users who don't update the app will not receive this update.
534
The key is to understand the possible values for AFSecurityPolicy's pinningMode.
AFSSLPinningModeCertificate means that the certificate provided by the server must match exactly one of the pinned certificates, which by default are the certificates in your app bundle. This is the mode you are currently using.
AFSSLPinningModePublicKey means that the certificate provided by the server must contain the same public key as one of the certificates pinned by your app.
If you use AFSSLPinningModePublicKey and renew (update) your server certificate with the same keypair, your iOS app will continue to work without modification.
150
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
