Android Question Certificate pinning and Signing scheme V2

Q

quansofts

Member
Hi Erel,
As of now is any way to:
  1. Implement certificate pinning? my customers do not wants to install the certificate on device
  2. Signing scheme v2 rather then v1? as per security standpoint the v1 scheme now is not efficient and need to be upgraded to at least v2 or higher
If it is not possible now, do we have any chance to have these features in future?

Many thanks for any guide/idea

Quan
 
Sort by date Sort by votes
Erel

Erel

B4X founder
Staff member
Licensed User
Longtime User
B4A uses signing scheme v2, 3 and 4. Make sure to use the latest version of B4A.

About certificate pinning. You made another post where you mistakenly wrote that it is important for security. This is wrong. It is not required. The whole internet is built without certificate pinning and relies on trusted authorities.
The only case where it can be important is if you are using a non-trusted certificate and you don't want to enable the "trust all" option.

It should be possible to implement it using Kickstart: https://www.b4x.com/android/forum/t...tputils2-sslcontext-kickstart.132549/#content
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Erel
  • Locked
  • Question
Other B4A v10.7 is available for download
2 3 4
Replies
71
Views
37K
Erel
Erel
andredamen
  • Question
Android Question Google sign app with signature scheme v2
Replies
2
Views
1K
andredamen
andredamen
Erel
  • Article
Android Code Snippet [B4X] MQTT SSL and Self Signed Certificates
Replies
2
Views
6K
Erel
Erel
Erel
  • Locked
  • Article
B4A Class [class][B4X] Google OAuth2
2
Replies
23
Views
31K
Erel
Erel
Erel
  • Locked
  • Article
Android Tutorial (old) Google Maps Android v2 tutorial
39 40 41
Replies
811
Views
329K
Erel
Erel
Top