aws-mobile-appsync-sdk-ios icon indicating copy to clipboard operation
aws-mobile-appsync-sdk-ios copied to clipboard
verified publisher icon awslabs

SSL Pinning

Open cnhst opened this issue 4 years ago • 3 comments

State your question I would like to implement the SSL Pinning feature in my app and I'm using AWSAppSyncClient for networking. Does the library have support for this? Or what are the options to implement this?

Environment:

  • AppSync SDK Version: 3.1.12
  • Dependency Manager: Cocoapods
  • Swift Version: 5.0

Device Information:

  • Device: Device: iPhone 12
  • iOS Version: iOS 14.4
  • Specific to simulators:

cnhst avatar Jul 23 '21 22:07 cnhst

Hi

I would like to follow up with the option to implement SSL pinning feature on the AWSAppSync SDK, any update or advice for this implementation?

Thank you very much.

kelvinyap-axrail avatar Apr 06 '22 10:04 kelvinyap-axrail

@lawmicha Can you please advise on the AWSAppSync SSL pinning implementation? Thank you very much

kelvinyap-axrail avatar Apr 26 '22 22:04 kelvinyap-axrail

@lawmicha is updating to latest SDK version will enable the Certificate Pinning? The Android app using AWSAppSync Android SDK is already enabled for the Certificate Pinning without any configuration or implementation. Can you please help on this issue? Thank you very in advance.

kelvinyap-axrail avatar Apr 27 '22 05:04 kelvinyap-axrail

Hi @kelvinyap-axrail

Apologies for delayed response. We don't support certificate pinning. We recommend to use the OS-provided security measures such as App Transport Security which includes enforcement of minimum TLS levels (version 1.2 or later), validation of trust chains, and Certificate Transparency.

royjit avatar May 19 '23 21:05 royjit