javax.net.ssl.SSLHandshakeException: Pin verification failed API24 real device

datatheorem / TrustKit-Android

Easy SSL pinning validation and reporting for Android.

MIT License

584 stars 87 forks source link

javax.net.ssl.SSLHandshakeException: Pin verification failed API24 real device #41

Closed fraferrando closed 5 years ago

fraferrando commented 5 years ago

Hi,

we are getting this error

javax.net.ssl.SSLHandshakeException: Pin verification failed

using the attached code code_example.txt

This error occurs only on real devices running API 24 Android 7.0, on emulated devices with the same API version it works properly.

Thanks in advance, Francesca

fraferrando commented 5 years ago

Hello,

we understood what was wrong: In network_security_config.xml file we left

   <pin-set>
        <pin digest="SHA-256">k3XnEYQCK79AtL9GYnT/nyhsabas03V+bhRQYHQbpXU=</pin>
        <pin digest="SHA-256">2kOi4HdYYsvTR1sTIR7RHwlf2SescTrpza9ZrWy7poQ=</pin>
    </pin-set>

WITHOUT COMMENT

When we commented it started working.

Thanks, Francesca