wultra / ssl-pinning-android

Android SDK for our dynamic SSL pinning
Apache License 2.0

Error - Invalid signature detected when updating fingerprint #31

Closed Fenil15 closed 4 years ago

Fenil15 commented 4 years ago

Getting the below Logcat error - CertStore: Invalid signature detected. CN = '*.dronamobile.com' - on calling the below method: certStore.update(UpdateMode.DEFAULT, object : DefaultUpdateObserver() { })

Created the signature following this link - https://github.com/wultra/ssl-pinning-tool

Below is the JSON, hosted temporarily at https://e7f7b07ea9ea.ngrok.io/pinning.json (this is a test link and may not be accessible, but the file data is below)

{
  "fingerprints": [
    {
      "name": "*.dronamobile.com",
      "fingerprint": "Lo8EpxiNf2kazr6Wkq3+QsMM6Mn8vJqYriJIVkBcOqM=",
      "expires": 1606392000,
      "signature": "MEUCIDS34hQtmudoCCK+Dqgg2VmlugbkAvD90QDMR+hB3RSDAiEA3n/JvxVtFTkAefhpKHvcKiI90NmbIyuwdvAZ6mFMC24="
    }
  ]
}

For certStore, the domain URL used is https://e7f7b07ea9ea.ngrok.io/pinning.json and the public key used is the ECDSA public key mentioned in https://github.com/wultra/ssl-pinning-tool

Any idea what or where exactly I am doing wrong?

petrdvorak commented 4 years ago

Hello @Fenil15, apologies for the troubles - could you please post your SDK initialization code, including the public key you use for the data verification? This error occurs in the case that the public key used to verify the signature does not match the signature of the particular data.

Fenil15 commented 4 years ago

Hi @petrdvorak, I used the OpenSSL method for generating the signature. Public key for the above signature - BLvV5g0iGn7VsV6gE6PvH3VkcZHsVahmJVKu449KALKiIS1TEqAammg8kq2ef4aNOoH0HZlVAgh2wgb0PRjq3eM=

However, when I used ssl-pinning-tool.jar for generating the output file, I am able to connect correctly.

petrdvorak commented 4 years ago

@Fenil15 Thank you very much for the update. We included the OpenSSL steps to allow generating the hashes in a "generic" way, but using the utility is definitely the most reliable way (we do not need to deal with various minor formatting issues).
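
An added preflight check, not part of the original thread or of Wultra's code: it decodes the public key and pinning.json posted above and confirms that each value has the encoding an ECDSA verifier expects. The uncompressed P-256 point and DER signature shapes are assumptions based on how the posted values decode, and the function names are hypothetical.

```python
import base64
import json

# Values copied from the thread above (the posted public key and pinning.json).
PUBLIC_KEY_B64 = "BLvV5g0iGn7VsV6gE6PvH3VkcZHsVahmJVKu449KALKiIS1TEqAammg8kq2ef4aNOoH0HZlVAgh2wgb0PRjq3eM="
PINNING_JSON = """{"fingerprints": [{"name": "*.dronamobile.com",
  "fingerprint": "Lo8EpxiNf2kazr6Wkq3+QsMM6Mn8vJqYriJIVkBcOqM=", "expires": 1606392000,
  "signature": "MEUCIDS34hQtmudoCCK+Dqgg2VmlugbkAvD90QDMR+hB3RSDAiEA3n/JvxVtFTkAefhpKHvcKiI90NmbIyuwdvAZ6mFMC24="}]}"""

def b64(value):
    # Strict decode: rejects stray whitespace, newlines and URL-safe characters.
    return base64.b64decode(value, validate=True)

def der_ecdsa_ok(sig):
    """True if sig is exactly SEQUENCE { INTEGER r, INTEGER s } (assumed P-256 sizes)."""
    if len(sig) < 8 or sig[0] != 0x30 or sig[1] != len(sig) - 2:
        return False
    pos = 2
    for _ in range(2):  # r, then s
        if pos + 2 > len(sig) or sig[pos] != 0x02 or not 1 <= sig[pos + 1] <= 33:
            return False
        pos += 2 + sig[pos + 1]
    return pos == len(sig)  # reject truncated or trailing bytes

def public_key_ok(key_b64):
    """True if the key is an uncompressed P-256 point: 0x04 || X || Y (65 bytes)."""
    try:
        raw = b64(key_b64)
    except ValueError:
        return False
    return len(raw) == 65 and raw[0] == 0x04

def check_entry(entry):
    """Return the encoding problems found in one fingerprint entry (empty = none)."""
    problems = []
    try:
        if len(b64(entry["fingerprint"])) != 32:
            problems.append("fingerprint is not a 32-byte SHA-256 digest")
        if not der_ecdsa_ok(b64(entry["signature"])):
            problems.append("signature is not DER-encoded ECDSA")
    except (KeyError, TypeError, ValueError) as exc:
        problems.append(f"missing or non-Base64 field: {exc}")
    if not isinstance(entry.get("expires"), int):
        problems.append("expires is not an integer")
    return problems

def check_document(text):
    """Map each entry name to its list of encoding problems."""
    return {e.get("name"): check_entry(e) for e in json.loads(text)["fingerprints"]}
```

A clean result only means the encodings are well formed; it does not show that the signature was computed over the right bytes or with the matching private key, which is the mismatch petrdvorak describes.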