Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 263 for pinning (0.07 sec)

  1. okhttp/src/main/kotlin/okhttp3/CertificatePinner.kt

     *
     * ## Warning: Certificate Pinning is Dangerous!
     *
     * Pinning certificates limits your server team's abilities to update their TLS certificates. By
     * pinning certificates, you take on additional operational complexity and limit your ability to
     * migrate between certificate authorities. Do not use certificate pinning without the blessing of
     * your server's TLS administrator!
     *
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Jan 08 01:13:22 UTC 2024
    - 14.2K bytes
    - Viewed (0)
  2. okhttp/src/test/java/okhttp3/internal/tls/CertificatePinnerChainValidationTest.kt

        val request =
          Request.Builder()
            .url(server.url("/"))
            .build()
        val call = client.newCall(request)
        assertFailsWith<SSLPeerUnverifiedException> {
          call.execute()
        }.also { expected ->
          // Certificate pinning fails!
          assertThat(expected.message!!).startsWith("Certificate pinning failure!")
        }
      }
    
      @Test
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Jan 08 01:13:22 UTC 2024
    - 23.8K bytes
    - Viewed (0)
  3. docs/features/https.md

    Use [CertificatePinner](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-certificate-pinner/) to restrict which certificates and certificate authorities are trusted. Certificate pinning increases security, but limits your server team’s abilities to update their TLS certificates. **Do not use certificate pinning without the blessing of your server’s TLS administrator!**
    
    === ":material-language-kotlin: Kotlin"
        ```kotlin
          private val client = OkHttpClient.Builder()
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Sat Dec 24 00:16:30 UTC 2022
    - 10.5K bytes
    - Viewed (0)
  4. okhttp/src/main/kotlin/okhttp3/internal/connection/RetryTlsHandshake.kt

        // If the problem was a CertificateException from the X509TrustManager, do not retry.
        e is SSLHandshakeException && e.cause is CertificateException -> false
    
        // e.g. a certificate pinning error.
        e is SSLPeerUnverifiedException -> false
    
        // Retry for all other SSL failures.
        e is SSLException -> true
    
        else -> false
      }
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Sun Jan 07 16:05:34 UTC 2024
    - 1.7K bytes
    - Viewed (0)
  5. okhttp/src/main/kotlin/okhttp3/internal/tls/CertificateChainCleaner.kt

     * certificate.
     *
     * Use of the chain cleaner is necessary to omit unexpected certificates that aren't relevant to
     * the TLS handshake and to extract the trusted CA certificate for the benefit of certificate
     * pinning.
     */
    abstract class CertificateChainCleaner {
      @Throws(SSLPeerUnverifiedException::class)
      abstract fun clean(
        chain: List<Certificate>,
        hostname: String,
      ): List<Certificate>
    
      companion object {
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Jan 08 01:13:22 UTC 2024
    - 2K bytes
    - Viewed (0)
  6. okhttp/src/main/kotlin/okhttp3/internal/http/RetryAndFollowUpInterceptor.kt

          // do not retry.
          if (e.cause is CertificateException) {
            return false
          }
        }
        if (e is SSLPeerUnverifiedException) {
          // e.g. a certificate pinning error.
          return false
        }
        // An example of one we might want to retry with a different route is a problem connecting to a
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Apr 15 13:24:48 UTC 2024
    - 12.1K bytes
    - Viewed (0)
  7. docs/changelogs/changelog_2x.md

          <groupId>com.squareup.okio</groupId>
          <artifactId>okio</artifactId>
          <version>1.0.1</version>
        </dependency>
        ```
    
     *  **New APIs to permit easy certificate pinning.** Be warned, certificate
        pinning is dangerous and could prevent your application from trusting your
        server!
    
     *  **Cache improvements.** This release fixes some severe cache problems
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Sun Feb 06 02:19:09 UTC 2022
    - 26.6K bytes
    - Viewed (0)
  8. okhttp/src/test/java/okhttp3/ConnectionCoalescingTest.kt

        )
        server.enqueue(MockResponse())
        assertFailsWith<SSLPeerUnverifiedException> {
          val response = execute(url)
          response.close()
        }
      }
    
      /** Can still coalesce when pinning is used if pins match.  */
      @Test
      fun coalescesWhenCertificatePinsMatch() {
        val pinner =
          CertificatePinner.Builder()
            .add("san.com", pin(certificate.certificate))
            .build()
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Sat Jan 20 10:30:28 UTC 2024
    - 18.7K bytes
    - Viewed (0)
  9. okhttp-tls/src/main/kotlin/okhttp3/tls/HandshakeCertificates.kt

         * If the host platform is compromised or misconfigured this may contain untrustworthy root
         * certificates. Applications that connect to a known set of servers may be able to mitigate
         * this problem with [certificate pinning][CertificatePinner].
         */
        fun addPlatformTrustedCertificates() =
          apply {
            val platformTrustManager = Platform.get().platformTrustManager()
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Jan 08 01:13:22 UTC 2024
    - 8.5K bytes
    - Viewed (0)
  10. README.md

    first connect fails. This is necessary for IPv4+IPv6 and services hosted in redundant data
    centers. OkHttp supports modern TLS features (TLS 1.3, ALPN, certificate pinning). It can be
    configured to fall back for broad connectivity.
    
    Using OkHttp is easy. Its request/response API is designed with fluent builders and immutability. It
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Wed Dec 20 23:27:07 UTC 2023
    - 6.2K bytes
    - Viewed (0)
Back to top