You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you use this library to pin third party certificates (servers you do not own) to protect API keys and user data, will the app be bricked when the certificates from those sites eventually expire? Looking to understand if TrustKit is an approach that would avoid such pinning behavior. This would be for an app that has to support iOS 7.1.2 and up.
The text was updated successfully, but these errors were encountered:
If you configure TrustKit to not enforce pinning for these domains (TSKEnforcePinning set NO), the App will work fine but you will still get reports for pinning validation failures (so you can see if your users are affected, and also detect when the certificates changed).
However, if you want to enforce pinning (ie. block connections when there's a validation failure), it is, as you said, not a good idea to do this for domains you don't own, as the certificate chain could change at any time and brick the App.
If you use this library to pin third party certificates (servers you do not own) to protect API keys and user data, will the app be bricked when the certificates from those sites eventually expire? Looking to understand if TrustKit is an approach that would avoid such pinning behavior. This would be for an app that has to support iOS 7.1.2 and up.
The text was updated successfully, but these errors were encountered: