safe-android icon indicating copy to clipboard operation
safe-android copied to clipboard

Published 20 hours ago verified publisher icon safe-global

Disable SSL pinning temporarily

Open DmitryBespalov opened this issue 2 years ago • 1 comments

SSL certificates are about to change several times for our safe.global website, so DevOps (Raul) asked to temporarily switch off the SSL pinning for new service URLs after migration.

Please disable / do not configure SSL pinning for the new safe.global domains.

We'll need to enable it when the certificates are configured for sure.

DmitryBespalov avatar Oct 14 '22 08:10 DmitryBespalov

Can't we pin on something higher up the certificate chain? So any cert is accepted that is signed by the organization? That way we do not have to renew the the pinning every time a new certificate is used.

As an alternative: For the production environment: Could we have at least 2 certificates with different expiration dates?

biafra23 avatar Oct 20 '22 09:10 biafra23

Verified

liliya-soroka avatar Nov 17 '22 11:11 liliya-soroka