I would like to use the TLS-SRP protocol to secure the communication between a mobile app client and a WebAPI REST server. My primary reason is to avoid using self-signed certificate stored on the device or hardcoded for security reason (breach, decompiling...). Setting up the salt between the server and the client is not an issue. However I don't know how to customise the HttpClient on the client-side and the WebAPI server to follow the protocol.
Has anyone done that before? Could you point me to any documentation?
Cheers,