'How to get/generate pin sha256 from certificate
Simple question
I am trying to do certificate pinning in android using the network-security-config but I am not sure how to get the the SHA-256 to put in the pin-set
Given a domain url how do you find the "pin digest="SHA-256"?
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<domain includeSubdomains="true">example.com</domain>
<pin-set expiration="2018-01-01">
<pin digest="SHA-256">HowDoIGetThisValue</pin>
<!-- backup pin -->
<pin digest="SHA-256">HowDoIGetThisValue</pin>
</pin-set>
</domain-config>
</network-security-config>
Suggestions/Steps.
many thanks
Solution 1:[1]
in MAC:
if you certificate type is .crt:
openssl x509 -in yourCertificatePath.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
if you certificate type is .cer:
openssl x509 -in yourCertificatePath.cer -pubkey -noout -inform der | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |