Menu
This is my C++ code that I am using in Obj-C and JAVA projects.
string readBuffer;
string certificateBeingUsed;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://apiServer");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteCallback);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &readBuffer);
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 120);
curl_easy_setopt(curl, CURLOPT_ENCODING, GZIP);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER , true);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST , 2);
curl_easy_setopt(curl, CURLOPT_CAINFO,certificateBeingUsed);
CURLcode res;
res = curl_easy_perform(curl);
In Xcode, I have my ceritificate "certificatePinning.der" stored in Resources/Certificates folder.
To use the code above, I set certificateBeingUsed to my certificate path:
certificateBeingUsed = "/Users/graceo/Library/Developer/CoreSimulator/Devices/1BB154CB-276B-4DDC-86C8-4975213D7E3B/data/Containers/Bundle/Application/4819EC2A-CA18-46BF-815F-445B5E3E519F/TestStoryBoardWithLibraryAndSwift.app/certificatePinning.der"
and res returns success with readBuffer containing the response sent from the server.
In Android Studio, I have my ceritificate "certificatePinning.der" stored in assets folder. (I copy it to the data folder before using it)
To use the code above, I set certificateBeingUsed to my certificate path:
certificateBeingUsed = "/data/data/packageName/certificatePinning.der"
but res returns CURLE_SSL_CACERT_BADFILE (77) and readBuffer is empty
What is it that I am missing in Android that could not validate the certificate stored with the server's ??
NB:
242
This may be a problem with encoding, try to convert your .der file to .pem format using this:
openssl x509 -in cert.crt -inform der -outform pem -out cert.pem
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
