Possible to provide certificate at runtime?

[erulabs]

Is it possible to provide a certificate at runtime? I have the certificate's pubkey at runtime, but do not know it during build time. The use-case is talking to a local hardware device in each users local network over HTTPS with a self-signed certificate.

An example:

      fetch('https://my-mdns-local-service.local', {
        sslPinning: { certs: [`sha256/PUBKEY-GOES-HERE`] },
      })

where PUBKEY-GOES-HERE is the output of ... | openssl dgst -sha256 -binary | openssl enc -base64 from the docs. It appears I need to have the cer file bundled in the app ahead of time. Is this possible or is this unsupported behavior? As an analog, you can do this sort of certificate verification with curl like curl --cacert cert.crt https://....

Thanks very much for this library by the way, appreciate it!!

Edit, after digging a bit more, https://github.com/MaxToyberman/react-native-ssl-pinning/blob/master/ios/RNSslPinning/RNSslPinning.m#L231 makes me think that no, this is not supported. It seems like I would need another option to pass my own custom list to certificatesInBundle in [AFSecurityPolicy certificatesInBundle:.

[erulabs]

I've attached https://github.com/MaxToyberman/react-native-ssl-pinning/pull/147, which I believe is very close to being what I want, but unfortunately doesn't quite work. I am very much a novice with mobile development, so any help would be greatly appreciated!

[erulabs]

Hurah! After taking a day to learn Objective-Cs syntax a bit better, I sorted out my patch and now have runtime client certificate validation working in https://github.com/MaxToyberman/react-native-ssl-pinning/pull/147 - feel free to close this issue in favor of the PR.

Thanks again for this library!