Popular articles
Certificate pinning is a security technique that involves associating a trusted SSL/TLS certificate with a specific host, effectively "pinning" the certificate to the host. This technique helps to prevent man-in-the-middle attacks by ensuring that a trusted certificate is only used for the intended host.
Here's how certificate pinning works:
- The client establishes a secure connection with the server, and the server presents its SSL/TLS certificate to the client.
- The client checks the certificate to ensure that it is valid and issued by a trusted certificate authority (CA).
- The client stores the certificate, or a hash of the certificate, locally as a "pin."
- For future connections to the same server, the client compares the stored pin to the certificate presented by the server. If the pin and the certificate match, the connection is considered secure. If the pin and the certificate do not match, the connection is considered insecure and is terminated.
Certificate pinning can be implemented in a variety of ways, including at the operating system level, at the browser level, or within an application. It is an important security technique that helps to protect against man-in-the-middle attacks, but it can also make it more difficult for legitimate parties (e.g., security researchers or network administrators) to inspect or modify network traffic.
Looking help for your business or personal use?
Drop us a line and we'll get back to you.
