SSL Pinning Pin Set property

Official Content
This documentation is valid for:
Specifies SSL Pinning Pin Set values to validate https connection from devices to server.

Description

The SSL Pinning Pin Set defines the server public key hash (pin sha-256). This can contain more than one key hash separated by comma (,).

If this property has a value, then a Certificate pinning is performed by the device when it is connected to the server set in the Services URL property.

Certificate pinning is done by providing a set of certificates by hash of the public key (SubjectPublicKeyInfo of the X.509 certificate). A certificate chain is then valid only if the certificate chain contains at least one of the pinned public keys.

Important: To be able to set this property for a Panel for Smart Devices object, Work With for Smart Devices object or Menu for Smart Devices object its Main program property must be set to True.


More Info:

OWASP Certificate and Public Key Pinning

Run-time/Design-time

This property applies only at design-time.

Samples

For example, in the case of the server apps5.genexus.com its key hash is:

"LjCcH/Lyd5M5T2ulEMxYhqS7JkgJmCzUf1fxoYzy5D4="

One key hash is always a 44 char length string.

How to apply changes

To apply changes made by this property, Build a main object.

Availability

This property is available since GeneXus 16 upgrade 6.

Scope

Objects: Menu for Smart Devices, Panel for Smart Devices, Work With for Smart Devices
Platforms: Smart Devices(Android)

See Also

OWASP Certificate and Public Key Pinning
Android Developer Security Certificate Pinning
Services URL property