SSL Pinning and/or CA Restriction Support #307

jakehow opened this Issue Feb 26, 2012 · 2 comments


None yet

2 participants

jakehow commented Feb 26, 2012

I am not sure if this is possible with the frameworks available in iOS, but thought this may be a good place for discussion.

For background see:

We would like to be able to limit SSL communication in our application to using specified certificates, in order to eliminate the risks mentioned in the imperial violet article such as a rooted CA issuing a certificate to a rogue third party.

jogu commented Feb 26, 2012

There's some discussion about how a similar sounding concept might be implemented here:

With the way ASIHTTPRequest is written, it doesn't seem to be entirely possible (you can't verify the certificate before data is sent to the server). I don't know if any of the NSURLConnection based approaches would allow this to be done.

jakehow commented Feb 27, 2012

Cool, also found this which may help frame the issue:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment