SSL Pinning

SSL Pinning secures communication by accepting only the SSL certificates you have pinned as trusted, which is critical for apps handling sensitive user data. To use this feature, integrate Android SDK v3.15.0 or above.

Configuring SSL Pinning

  • Specify the trusted SSL certificate hash in NetmeraConfiguration.Builder using the sslPinKeys method.

Single SSL Pin

Use this code to pin a single SSL certificate:

NetmeraConfiguration.Builder configBuilder = new NetmeraConfiguration.Builder();

configBuilder
    .baseUrl(baseUrl)
    .apiKey(apiKey)
    .huaweiSenderId(PropertiesUtil.huaweiSenderId)
    .firebaseSenderId(PropertiesUtil.gcmSenderId)
    .logging(true)
    // Set SSL pin keys
    .sslPinKeys(
        // Replace with the correct sha256 hash
        "sha256/T9g7qeNuY3SHc4tWSlqoHwWb+0Y8whUYn0uuAB3CzHM="
    );

Multiple SSL Pins

Use this code to pin multiple SSL certificates for environments where multiple certificates are trusted (e.g., during certificate transitions or backups):

// Imports needed by this snippet
import java.util.Arrays;
import java.util.List;

List<String> sslPinKeys = Arrays.asList(
    // Replace with correct sha256 hashes
    "sha256/A1C7RK0nAsHviju64ImO48VgSY5FdOMxv9GJh0uMXJQ=",
    "sha256/8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8=",
    "sha256/Ko8tivDrEjiY90yGasP6ZpBU4jwXvHqVvQI0GS3GNdA="
);

NetmeraConfiguration.Builder configBuilder = new NetmeraConfiguration.Builder();

configBuilder
    .baseUrl(baseUrl)
    .apiKey(apiKey)
    .huaweiSenderId(PropertiesUtil.huaweiSenderId)
    .firebaseSenderId(PropertiesUtil.gcmSenderId)
    .logging(true)
    // Set SSL pin keys
    .sslPinKeys(sslPinKeys);

Handling SSL Pinning Errors

If the server's SSL certificate doesn't match the pinned keys, the app will log an error and terminate the connection.
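The sketch below is an added example, not Netmera's code. It shows how a `sha256/...` value can be derived and why a list with a backup pin survives a key rotation while a single pin produces the mismatch described above. It assumes the pin is the base64 SHA-256 of the certificate's DER-encoded SubjectPublicKeyInfo (the convention the `sha256/` prefix usually denotes); the class and method names are hypothetical and the keys are constructed for the demonstration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;

public class PinCheck {
    // Assumption: pin = "sha256/" + base64(SHA-256(DER SubjectPublicKeyInfo)).
    static String pinOf(PublicKey key) throws Exception {
        byte[] spki = key.getEncoded(); // X.509 SubjectPublicKeyInfo in DER
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(spki);
        return "sha256/" + Base64.getEncoder().encodeToString(digest);
    }

    // Pin of a certificate file (PEM or DER), e.g. one exported from the server.
    static String pinOfCertificate(String path) throws Exception {
        try (InputStream in = new FileInputStream(path)) {
            return pinOf(CertificateFactory.getInstance("X.509")
                    .generateCertificate(in).getPublicKey());
        }
    }

    // A connection passes only when the presented key's pin is in the configured list.
    static boolean matches(List<String> sslPinKeys, PublicKey presented) throws Exception {
        return sslPinKeys.contains(pinOf(presented));
    }

    public static void main(String[] args) throws Exception {
        if (args.length == 1) { // real use: print the pin for a certificate file
            System.out.println(pinOfCertificate(args[0]));
            return;
        }
        // Constructed keys standing in for the live, backup and an unpinned server key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(256);
        PublicKey live = gen.generateKeyPair().getPublic();
        PublicKey backup = gen.generateKeyPair().getPublic();
        PublicKey unknown = gen.generateKeyPair().getPublic();

        List<String> pins = Arrays.asList(pinOf(live), pinOf(backup));
        System.out.println("live key, two pins:      " + matches(pins, live));
        System.out.println("rotated to backup key:   " + matches(pins, backup));
        System.out.println("unpinned key:            " + matches(pins, unknown));
        // With only the live pin configured, rotating to the backup key is rejected.
        System.out.println("backup key, single pin:  "
                + matches(Arrays.asList(pinOf(live)), backup));
    }
}
```

Run it with a certificate path as the only argument to print that certificate's pin; run it without arguments to see the constructed rotation scenario.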

Error Log for Invalid SSL Pins

If Improper SSL Pinning Is Configured
