Certificate Pinning in IBM MobileFirst Platform Foundation 7.1
New in IBM MobileFirst Platform Foundation 7.1 are several hardened security features.
One of these features is Certificate Pinning.
In the following video I begin by explaining the very basics of secure communication and one of its pitfalls, and how it can be addressed by using Certificate Pinning. The sample application used in the video can be downloaded from GitHub: https://github.com/IdanAdar/CertificatePinningProject
- Certificate pinning is currently supported in Hybrid and Native applications for iOS and Android
- Currently only 1 server certificate can be pinned at a time; multiple certificates are not supported
- Click for user documentation and available APIs for Hybrid, native iOS and native Android.
- Click for user documentation on setting up the truststore of your application server with the required CA-signed certificate.
You can download the sample application seen in the video from GitHub: https://github.com/IdanAdar/CertificatePinningProject
Using the sample
- Make sure to place the CA-signed certificate on the server and in the client application
- Make sure to point the client application to the same host that was used in the certificate
- Update the method in main.js with the name of your certificate
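
A pre-flight check for the first two steps above, as an added example that is not part of the original post or the sample project: it confirms that a certificate covers the host the client points to, and shows that a different certificate for the same host does not match the bundled one, which is the case pinning is meant to reject. It assumes OpenSSL 1.1.1 or later; the host name, file names and throwaway self-signed certificates are constructed, and comparing public-key hashes stands in for a pin check rather than reproducing MobileFirst's implementation.

```shell
#!/bin/sh
# Added example: pre-flight checks for a pinning setup (not MobileFirst code).
# Assumes OpenSSL 1.1.1+; host and file names below are constructed.

# Create a throwaway self-signed certificate for host $1 at path prefix $2.
# It stands in for the CA-signed certificate used in the real setup.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" -addext "subjectAltName=DNS:$1" \
        -keyout "$2.key" -out "$2.pem" 2>/dev/null
}

# Succeeds only if certificate $1 is issued for host name $2.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" \
        | grep -q "does match certificate"
}

# Print the SHA-256 of the certificate's public key (SubjectPublicKeyInfo).
spki_sha256() {
    openssl x509 -in "$1" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeeds only if both certificates carry the same public key.
same_public_key() {
    [ "$(spki_sha256 "$1")" = "$(spki_sha256 "$2")" ]
}

# Demo on constructed data
work=$(mktemp -d)
host=mfp.example.test
make_sample_cert "$host" "$work/bundled"   # copy shipped in the client app
make_sample_cert "$host" "$work/other"     # different key, same host name

for h in "$host" localhost; do
    if cert_matches_host "$work/bundled.pem" "$h"; then
        echo "$h: covered by the bundled certificate"
    else
        echo "$h: NOT covered, the client would point at the wrong host"
    fi
done
if same_public_key "$work/bundled.pem" "$work/other.pem"; then
    echo "other.pem: same key as the bundled certificate"
else
    echo "other.pem: names $host but has a different key, a pin check rejects it"
fi
rm -rf "$work"
```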