Android network_security_config: is there a way to define more than one pin for the same domain with different expirations?


I want to use SSL pinning via network_security_config.

The idea is to define several pins with different expiration dates, so that one can replace another without rebuilding the app.

I have a correct network_security_config.xml file like this:

<network-security-config>
    <domain-config>
        <domain includeSubdomains="true">example.com</domain>
        <pin-set expiration="2025-02-22">
            <pin digest="SHA-256">xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</pin>
            <pin digest="SHA-256">yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy</pin>
        </pin-set>
    </domain-config>
</network-security-config>

i.e. both pins have the same expiration date, "2025-02-22".

What should I do to define another expiration date for the yyyyyy pin?

According to the documentation, duplicate domain names are not allowed, and multiple elements are not allowed either. Therefore I cannot define another <domain-config> with the same domain or another <pin-set> with a different expiration.

Am I right that there is no chance to use the default network_security_config to solve the problem?


There are 0 answers
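
A small checker for the constraints cited in the question, as an added example that is not part of the original post: it parses a network_security_config document and reports repeated domains, more than one <pin-set> in a <domain-config>, expired pin sets and pin sets with a single pin. The name check_pinning, the sample XML and treating the expiration date itself as already expired are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from datetime import date

# Constructed sample: the question's config with a second <pin-set> and a
# repeated domain added, i.e. the two things the question says are not allowed.
SAMPLE = """<network-security-config>
  <domain-config>
    <domain includeSubdomains="true">example.com</domain>
    <pin-set expiration="2025-02-22">
      <pin digest="SHA-256">xxxx</pin>
      <pin digest="SHA-256">yyyy</pin>
    </pin-set>
    <pin-set expiration="2026-02-22">
      <pin digest="SHA-256">yyyy</pin>
    </pin-set>
  </domain-config>
  <domain-config>
    <domain>example.com</domain>
  </domain-config>
</network-security-config>"""

def check_pinning(xml_text, today):
    """Return a list of findings for a network_security_config document."""
    findings, seen = [], set()
    root = ET.fromstring(xml_text)
    for cfg in root.iter("domain-config"):  # includes nested domain-configs
        names = [(d.text or "").strip().lower() for d in cfg.findall("domain")]
        label = ", ".join(names)
        for name in names:
            if name in seen:
                findings.append(f"duplicate domain: {name}")
            seen.add(name)
        pin_sets = cfg.findall("pin-set")  # direct children only
        if len(pin_sets) > 1:
            findings.append(f"multiple pin-set elements for {label}")
        for ps in pin_sets:
            exp = ps.get("expiration")  # one date for every pin in the set
            # Assumption: the expiration date itself counts as expired.
            if exp and date.fromisoformat(exp) <= today:
                findings.append(f"pin-set expired {exp} for {label}")
            if len(ps.findall("pin")) < 2:
                findings.append(f"pin-set for {label} has no backup pin")
    return findings

if __name__ == "__main__":
    for finding in check_pinning(SAMPLE, date.today()):
        print(finding)
```

Running it in a build step against the app's res/xml file with the release date as `today` shows whether a pin set will already be expired when the build ships.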