Open josera21 opened 2 years ago
Describe the bug
The SSL Pinning is not working on Android 6 Marshmallow but it works fine for Android N and above
To Reproduce
Expected behavior
The request with an invalid certificate should not work on both Android 6 and >= 7.
TrustKit configuration
network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system"/>
            <certificates src="user" />
        </trust-anchors>
    </base-config>
    <!-- Pin the domain example.com-->
    <!-- Official Android N API -->
    <domain-config>
        <domain includeSubdomains="true">example.com</domain>
        <pin-set>
            <pin digest="SHA-256">JlgeWvslDDLd6LweqYxg4gANDQkZKDE7+ER3G/FP3BM=</pin>
            <pin digest="SHA-256">jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=</pin>
        </pin-set>
        <trustkit-config enforcePinning="true">
        </trustkit-config>
    </domain-config>
</network-security-config>
MainActivity.java
@Override
protected void onCreate(Bundle savedInstanceState) {
    /* Start of certificate pinning */
    try {
        TrustKit.initializeWithNetworkSecurityConfiguration(this);
    } catch (Exception e) {
        e.printStackTrace();
    }
    // OkHttp 3.3.x and higher
    OkHttpClient client = new OkHttpClient.Builder()
            .sslSocketFactory(OkHttp3Helper.getSSLSocketFactory(), OkHttp3Helper.getTrustManager())
            .addInterceptor(OkHttp3Helper.getPinningInterceptor())
            .followRedirects(false)
            .followSslRedirects(false)
            .build();
    /* End of certificate pinning */
    super.onCreate(savedInstanceState);
}
App details: