'How to implement CA pinning in iOS to prevent man in the middle attack?
I have read several topics, blogs about SSL pinning in iOS and have implemented the following strategy to do SSL pinning way back in one of the app
Current SSL pinning strategy
Currently I'm using "A" certificate pining approach where either I've to store the .der file in my app bundle to compare with Server Certificate. But in this case app need regular updates with change in those certificates.
So I read more and trying to figure out the difference between my certificate pinning strategy and CA pinning strategy.
I have already read the links: https://security.stackexchange.com/questions/51352/is-certificate-pinning-different-from-ca-pinning
But want to have more clarity in implementation part of CA pinning
Can someone tell how can i achieve CA SSL pinning strategy in iOS?
Am i correct if i assume that CA pinning is same to certificate pinning strategy where i have to put trusted CAs (certificates) in the PEM/DER format in my app bundle.
Basically i wish to know the difference between CA pinning and Certificate pinning implementation in iOS .
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|