Netmera Developer Guide
Netmera Docs
  • Netmera Developer Guide
  • Platforms
    • iOS
      • New iOS (Swift)
        • SDK Integration
        • Push Notifications
          • Delegate Methods
          • Widget and In-App Messages
          • Media Push
          • Carousel, Slider and Thumbnail Push
        • Deep Linking
          • Custom Deep Links
        • Sound & Vibration
        • Push Inbox
        • Events
        • Geofence & Location
        • User Attributes & Preferences
        • Advertising ID
        • Changelog
      • Former iOS (Objective-C)
        • SDK Integration
        • Push Notifications
          • Delegate Methods
          • Push Payload Receivers
          • Widget and In-App Messages
          • Customizing In-App Messages
          • Media Push
          • Carousel, Slider and Thumbnail Push
          • Custom Web View Presentation
          • Push Icon
        • Live Activities
        • Deep Linking
          • Custom Deep Links
        • Sound & Vibration
        • Push Inbox
        • Events
        • Geofence & Location
        • User Attributes & Preferences
        • Data Transfer
        • Advertising ID
        • SSL Pinning
        • Changelog
    • Android
      • SDK Integration
        • Huawei Integration
        • Huawei Message Receipt
        • Android Integration FAQs
      • Push Notifications
        • Widget and In-App Messages
        • Push Callbacks
        • Custom Web View Presentation
        • Push Icon
      • Deep Linking
        • Custom Deep Links
      • Sound & Vibration
      • Push Inbox
      • Events
      • Geofence & Location
        • Background Location Permission
      • User & Attributes
      • Data Transfer
      • Advertising ID
      • App Tracking
      • SSL Pinning
      • Changelog
    • Web
      • SDK Setup
        • Self-Hosted SDK Setup
      • Mobile Web Push for iOS
      • Deep Linking
        • Custom Deep Links
      • Events
      • User & Attributes
    • React Native
      • SDK Integration
      • Push Notifications
        • Widget and In-App Messages
        • Push Callbacks
      • Deep Linking
        • Custom Deep Links
      • Sound & Vibration
      • Push Inbox
      • Events
      • Geofence & Location
      • User & Attributes
      • Changelog
    • Flutter
      • SDK Integration
      • Push Notifications
        • Push Notification Permissions
        • Widget and In-App Messages
        • Flutter iOS Media Push
      • Deep Linking
        • Custom Deep Links
      • Sound & Vibration
      • Push Inbox
      • Events
      • Geofence & Location
      • User & Attributes
      • SSL Pinning
      • Changelog
    • Cordova
      • SDK Integration
      • Push Notifications
      • Sound & Vibration
      • Push Inbox
      • Events
      • User & Attributes
    • Unity
      • SDK Integration
      • Sound & Vibration
      • Events
      • User & Attributes
      • Changelog
  • Integrated Modules
    • Optimove
    • Adjust
    • Mixpanel
    • IYS Integration
    • VIA Integration
      • Short URL Consent Requests
      • OTP Consent Requests
        • OTP Confirmation Completion
      • VIA Email Rejection Link Generation
      • ETK Rejection via SMS
  • API Documentation
    • REST API
      • Setup
      • Notifications
      • Events
      • User & Device Management
      • Inbox Feature
      • GDPR
      • Error Responses
  • FAQs
    • Push Notifications FAQs
Powered by GitBook
On this page
  • Compatibility
  • Integration Option 1: Using a Certificate File (iOS 11 and Above)
  • Integration Option 2: Using Info.plist Configuration (iOS 14 and Above)
  • Step 2: Add the Configuration to Info.plist
  • Step 3: Save and Build Your Project
  • Important Notes

Was this helpful?

  1. Platforms
  2. iOS
  3. Former iOS (Objective-C)

SSL Pinning

Warning:

If your app's target is 14, you must use the info.plist Configuration for SSL pinning.

Netmera SDK supports SSL pinning to ensure secure communication between your app and Netmera servers. There are two methods to implement SSL pinning: using a certificate file or using Info.plist configuration. You must choose only one method; implementing both will cause issues. Below are the detailed steps for both integration options.

The Netmera SDK supports SSL pinning to ensure secure communication with our servers. You can implement SSL pinning in one of two ways:

  1. Using a Certificate File (netmera.com.cer) (Supports iOS 11 and above)

  2. Using Info.plist Configuration (Supports iOS 14 and above)

Compatibility

Method

Supported iOS Versions

Certificate File

iOS 11 and above

Info.plist Configuration

iOS 14 and above

Important Notes:

  • Implement Only One Method: You can implement either the certificate file method or the Info.plist configuration method, not both.

  • On-Premises Customers: If you're using an on-premises setup, ensure the certificate file is named netmera.com.cer and use your custom URL in the Info.plist configuration.

  • Certificate Updates: If the certificate changes, update the netmera.com.cer file or regenerate the public key hash and update the Info.plist configuration.

Integration Option 1: Using a Certificate File (iOS 11 and Above)

This method is supported on iOS 11 and above.

Step 1: Add the Certificate to Your Project

  1. Download the netmera.com.cer certificate file.

  2. Add the certificate to your Xcode project.

  3. Ensure the certificate is included in your app's target.

Step 2: The Certificate File Name Must Be netmera.com.cer

  1. The SDK looks for the file named netmera.com.cer in your app's project bundle. Ensure the file name matches exactly.

No Additional Configuration Needed

Once the certificate is added with the correct name, the SDK will automatically detect it and enable SSL pinning.

Integration Option 2: Using Info.plist Configuration (iOS 14 and Above)

This method is supported on iOS 14 and above.

Step 1: Generate the Public Key Hash

  1. Use the following OpenSSL command to generate the public key hash for the certificate:

openssl s_client -showcerts -servername your-custom-url.com -connect your-custom-url.com:443 </dev/null 2>/dev/null | \
openssl x509 -outform PEM | \
openssl x509 -inform pem -noout -outform pem -pubkey | \
openssl pkey -pubin -inform pem -outform der | \
openssl dgst -sha256 -binary | openssl enc -base64
  1. Replace your-custom-url.com with your custom domain (for on-premises customers) or use sdkapi.netmera.com for the default Netmera service.

Example output:

A1C7RK0nAsHviju64ImO48VgSY5FdOMxv9GJh0uMXJQ=

Step 2: Add the Configuration to Info.plist

  1. Open your app’s Info.plist file.

  2. Add the following configuration to enable SSL pinning:

Replace:

  • your-custom-url.com with your custom domain (for on-premises customers).

  • SPKI-SHA256-BASE64 with the hash value generated in the previous step.

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <false/>
    <key>NSPinnedDomains</key>
    <dict>
        <key>your-custom-url.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSPinnedLeafIdentities</key>
            <array>
                <dict>
                    <key>SPKI-SHA256-BASE64</key>
                    <string>A1C7RK0nAsHviju64ImO48VgSY5FdOMxv9GJh0uMXJQ=</string>
                </dict>
            </array>
        </dict>
    </dict>
</dict>

Step 3: Save and Build Your Project

After adding the configuration, save the Info.plist file and rebuild your project.

Important Notes

  1. Choose Only One Method:

    • Do not use both methods simultaneously. The SDK will not function correctly if both methods are implemented. Select the method that aligns with your project requirements.

  2. On-Premises Customers:

    • The certificate file name must remain netmera.com.cer.

    • If you are using the Info.plist method, replace sdkapi.netmera.com with your custom URL.

  3. Certificate Updates: If the server certificate changes, update the netmera.com.cer file or regenerate the public key hash and update your Info.plist.

PreviousAdvertising IDNextChangelog

Last updated 2 months ago

Was this helpful?

Testing: Test your SSL pinning implementation using tools like to verify that requests fail if the certificate or key hash does not match.

Proxyman