Certificate Pinning in IBM MobileFirst Platform Foundation 7.1

New in IBM MobileFirst Platform Foundation 7.1 are several hardened security features.
One of these features is Certificate Pinning.

In the following video I begin by explaining the very basics of secure communication and one of its pitfalls, and how it can be addressed by using Certificate Pinning. The sample application used in the video can be downloaded from GitHub: https://github.com/IdanAdar/CertificatePinningProject


Support level

  • Certificate pinning is currently supported in Hybrid and Native applications for iOS and Android
  • Currently only one server certificate is supported at a time; multiple certificates are not supported

Sample application

You can download the sample application seen in the video from GitHub: https://github.com/IdanAdar/CertificatePinningProject

Using the sample

  1. Make sure to place the CA-signed certificate in the server and client application
  2. Make sure to point the client application to the same host that was used in the certificate
  3. Update the method in main.js with the name of your certificate
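
An added example, not part of the original post or the sample project: a pre-flight check for step 2 that compares the server URL configured in the client with the DNS names on the certificate. The function names, the URLs and the certificate names are hypothetical, and it assumes the certificate lists DNS names only.

```javascript
// Added example: pre-flight check for step 2 of "Using the sample".
// Every name and value here is hypothetical and constructed for illustration.

// True when the host is an IP literal (IPv4 dotted quad or bracketed IPv6).
function isIpLiteral(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith('[');
}

// Lower-case and drop a trailing dot so "Host.Example.COM." compares equal.
function normalize(name) {
  return name.toLowerCase().replace(/\.$/, '');
}

// Match one certificate DNS name against the host. A wildcard is honoured
// only as the whole left-most label and covers exactly one label.
function dnsNameMatches(certName, host) {
  const pattern = normalize(certName).split('.');
  const labels = normalize(host).split('.');
  if (pattern.length !== labels.length) return false;
  return pattern.every(
    (p, i) => (i === 0 && p === '*' && pattern.length > 2) || p === labels[i]
  );
}

// Compare the server URL configured in the client application with the
// DNS names the certificate was issued for.
function checkPinnedHost(serverUrl, certDnsNames) {
  const url = new URL(serverUrl);
  if (url.protocol !== 'https:') {
    return { ok: false, reason: 'server URL is not HTTPS' };
  }
  const host = url.hostname;
  if (isIpLiteral(host)) {
    // Assumption: the certificate carries DNS names only, so an IP cannot match.
    return { ok: false, reason: 'client points at an IP address, not a host name' };
  }
  const matched = certDnsNames.find((n) => dnsNameMatches(n, host));
  return matched
    ? { ok: true, reason: 'host matches ' + matched }
    : { ok: false, reason: host + ' is not named in the certificate' };
}

// Constructed sample input: names a certificate might have been issued for.
const certNames = ['mfp.example.com', '*.apps.example.com'];
console.log(checkPinnedHost('https://mfp.example.com:443/MyProject', certNames));
console.log(checkPinnedHost('https://10.0.0.5:9443/MyProject', certNames));
```
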
Last modified on June 23, 2016