Android Question Certificate pinning and Signing scheme V2

Q

quansofts

Member
Hi Erel,
As of now is any way to:
  1. Implement certificate pinning? my customers do not wants to install the certificate on device
  2. Signing scheme v2 rather then v1? as per security standpoint the v1 scheme now is not efficient and need to be upgraded to at least v2 or higher
If it is not possible now, do we have any chance to have these features in future?

Many thanks for any guide/idea

Quan
 
Sort by date Sort by votes

Erel

B4X founder
Staff member
Licensed User
Longtime User
B4A uses signing scheme v2, 3 and 4. Make sure to use the latest version of B4A.

About certificate pinning. You made another post where you mistakenly wrote that it is important for security. This is wrong. It is not required. The whole internet is built without certificate pinning and relies on trusted authorities.
The only case where it can be important is if you are using a non-trusted certificate and you don't want to enable the "trust all" option.

It should be possible to implement it using Kickstart: https://www.b4x.com/android/forum/t...tputils2-sslcontext-kickstart.132549/#content
 
Upvote 0
You must log in or register to reply here.

Similar Threads

  • Locked
  • Question
Other B4A v10.7 is available for download
2 3 4
Replies
71
Views
49K
Erel
  • Question
Android Question Google sign app with signature scheme v2
Replies
2
Views
2K
andredamen
  • Article
Android Code Snippet [B4X] MQTT SSL and Self Signed Certificates
Replies
2
Views
8K
Erel
  • Locked
  • Article
B4A Class [class][B4X] Google OAuth2
2
Replies
23
Views
38K
Erel
  • Locked
  • Article
Android Tutorial (old) Google Maps Android v2 tutorial
39 40 41
Replies
811
Views
407K
Erel
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…