Question 1

How to extract public key hashes for react-native-ssl-pinning?

Accepted Answer

Use the openssl command in the README: 'openssl s_client -servername domain.com -connect domain.com:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64'. Alternatively, configure broken pinning to get hashes from error logs during development.

Question 2

Can I use react-native-ssl-pinning with Expo?

Accepted Answer

It likely requires ejecting from Expo's managed workflow, as it's a native module that needs linking. Expo projects without ejection may not support it, so check compatibility or consider alternative solutions.

Question 3

What's better: certificate pinning or public key pinning with this library?

Accepted Answer

Public key pinning is more flexible for certificate rotation since the public key can remain unchanged. Certificate pinning is stricter but requires updates when certificates expire. Choose based on your security needs and maintenance capabilities.

Question 4

How to set up debug interceptors in Android for this library?

Accepted Answer

In your Android code, use OkHttpUtils.addInterceptorForDebug with a custom OkHttp interceptor, like HttpLoggingInterceptor, as shown in the README. Ensure it's only active in debug builds to avoid security issues.

Question 5

react-native-ssl-pinning vs using fetch with custom certificates?

Accepted Answer

This library integrates SSL pinning directly with a fetch-like API using native libraries, providing more reliable security against MITM attacks. Custom implementations might be less secure or require more manual work, making this library a dedicated choice for enhanced security.

Question 6

How to handle cookie sessions securely with react-native-ssl-pinning?

Accepted Answer

Use the provided getCookies and removeCookieByName functions to manage cookies per domain. Combine this with SSL pinning enabled to ensure all network communication, including cookie transmission, is protected against interception.

Question 7

What happens if a pinned certificate expires?

Accepted Answer

The app will fail to connect until the certificate is updated. Mitigate this by using public key pinning, which allows certificate rotation without changes, or plan ahead by including new certificates in app updates before old ones expire.

react-native-ssl-pinning

What is react-native-ssl-pinning?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions