SHA-256 certificate pinning isn't working
I have a strange problem with certificate pinning.
If I use network-security-config xml with raw certificate it works. But if I switch to sha256 pinning in the same file, it doesn't work o_O
I checked 10 times whether I'm using a correct sha256. Even okhttp certificate pinner (from which I'm migrating to the network-security-config xml) shows me the same sha256, so it's 100% correct.
Does anybody know what is going on? :)
From your first answer it is likely your certificate isn't supported by the default root CAs. Test on ssllabs.com/ssltest and see what it says for Android.
As you confirmed, the server isn't sending a complete chain to the root, so the missing intermediate is causing a failure. Some other clients will download the missing cert in this case, but not Android.
- Spring Rest Template Put method is void, why?
- How to install ursina on pydroid?
- FileNotFoundException: /storage/emulated/0/Android
- How to Align Items in a Vertical 2-Column Grid Row by the Tallest Item in Jetpack Compose?
- Play Store error message 'To view this content, install and set up a web browsing app'
- How to use aapt2, where is the documentation?
- Identity verification at Google Play for a government org
- Task app:compileDebugJavaWithJavac failed
- How to darken a given color (int)
- React Native: Failed to launch emulator - "The emulator quit before it finished opening"
- Spotify Android SDK authorization only works if Spotify app is active
- bottomSheetDialogFragment full screen
- Execution failed for task ':app:checkDebugDuplicateClasses'. due to Duplicate class com.mapbox.android.core.permissions.PermissionsListener
- TypeError: Cannot read property 'isConfigured' of undefined
- How to grant Android runtime & special permissions on GMD Android Test Device
- CMake add_subdirectory given source which is not an existing directory
- font size is not working when using from html
- How to make an animated splash screen for android app using kivy?
- How to choose only doc,docx files through intent?
- Android Kotlin ARCore GeoSpatial API Type Mismatch Error: Earth? but Earth is Expected
- Type 'State<List<User>?>' has no method 'getValue(Nothing?, KProperty<*>)' and thus it cannot serve as a delegate
- READ_EXTERNAL_STORAGE permission for Android
- Android Studio device list stuck on loading
- Issues with Dagger Hilt and KSP in Android Kotlin Project: Cannot Resolve Symbol ‘Inject’
- Error: (JetPack Compose) Type 'TypeVariable(T)' has no method 'getValue(Nothing?, KProperty<*>)
- How to load Flutter assets in Android
- What are the Material Design dark theme colors?
- Could not find androidx.compose.compiler:compiler:provider(?)
- Attempting to add Google Code Scanner to simple android app. Only example I've seen is ML Kit sample
- Only receive ServerAuthToken with Credential Manager?