Allowing API Calls to Non-listed PublicKeys #130
Replies: 1 comment 2 replies
-
Hi @Ali-Haider-CreditBook, apologies, just saw this discussion. To clarify, is the intended behavior you're looking for to prevent network connections to other hosts that are not listed in the SSL pinning library? If so, this library does not support that behavior as the primary purpose is to verify the server you're communicating with is associated with the right certificates to prevent MitM attacks. You can read more about SSL pinning here: https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning Out of curiosity, why do you need to prevent communication with other hosts? |
Beta Was this translation helpful? Give feedback.
-
I am facing an issue where it is also allowing API calls to other hosts that I didn't list down while initializing.
Beta Was this translation helpful? Give feedback.
All reactions