Created
November 16, 2019 11:33
-
-
Save aramezx/6518b596e51f21e05b18abdb5851f0fb to your computer and use it in GitHub Desktop.
The following snippet from the Android Developer site shows the res/xml/network_security_config.xml file as certificate pin-set container
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* | |
* Network security configuration | |
* The Network Security Configuration feature lets apps customize their network security settings in a safe, | |
* declarative configuration file without modifying app code. | |
* These settings can be configured for specific domains and for a specific app. | |
* The key capabilities of this feature are as follows: | |
* - Custom trust anchors: Customize which Certificate Authorities (CA) are trusted for an app's secure connections. For example, trusting particular self-signed certificates or restricting the set of public CAs that the app trusts. | |
* - Debug-only overrides: Safely debug secure connections in an app without added risk to the installed base. | |
* - Cleartext traffic opt-out: Protect apps from accidental usage of cleartext traffic. | |
* - Certificate pinning: Restrict an app's secure connection to particular certificates. | |
*/ | |
<?xml version="1.0" encoding="utf-8"?> | |
<network-security-config> | |
<domain-config> | |
<domain includeSubdomains="true">example.com</domain> | |
<pin-set expiration="2018-01-01"> | |
<pin digest="SHA-256">7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=</pin> | |
<!-- backup pin --> | |
<pin digest="SHA-256">fwza0LRMXouZHRC8Ei+4PyuldPDcf3UKgO/04cDM1oE=</pin> | |
</pin-set> | |
</domain-config> | |
</network-security-config> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment