Hi,
We are building a mobile app (iOS and Android) using OutSystems and have been asked by our security team to implement SSL pinning for added security. We have used the SSL Pinning Forge component for the same. However, while testing we see the app does not work on the corporate network (with proxy), but when used on an external network or the Internet there are no issues. Has anybody encountered a similar problem with SSL pinning?
Any kind of help will be greatly appreciated. Thanks
Ravi
Hello Ravi.
When connecting through the internal network, the certificate that the server/proxy provides might not be the same as the one that's provided when there's an external connection.
Thanks
Hi! I'm having the issue, but the opposite: on the intranet it works, but it doesn't on the internet/extranet.
Did you configure something on the proxy? Do you use a reverse proxy?
Hi Ravi,
If the mobile app persists in showing only the Reload screen, then this is the root cause, which I too faced yesterday. If your default OS Cloud server certificate is outsystemsenterprise.com, then here's something to worry about and update to resolve it: https://success.outsystems.com/Support/Security/OutSystems_cloud_certificate_change_-_September%2F%2FOctober_2020
As long as you are pinning your mobile applications to your own certificate, this operation won't impact your mobile apps.
However, if you are pinning your mobile apps on the outsystemsenterprise.com certificate, this rotation will cause your applications to stop connecting to the OutSystems Cloud environment.
outsystemsenterprise.com
If you're already using the outsystemsenterprise.com certificate for SSL Pinning:
Fingerprint: U6vSutzZQ4RuSJwV2i0vUO6qtGcX5vGltvpGnNd5BEg=
Please beware that OutSystems will no longer provide the outsystemsenterprise.com certificate fingerprint in advance for future certificate changes. For this reason, the outsystemsenterprise.com should never be used for SSL Pinning.
Note that you should keep the current fingerprint and add the new one so that your app continues to function as expected before and after the certificate renewal. For more information on how to add a new fingerprint to your SSL Pinning component please visit the component official documentation here.
Hope it helps,
Assif
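An added example (not from any post above, and not OutSystems or plugin code) covering both situations in this thread: a proxy presenting a different certificate, and a rotation where the old and new fingerprints are pinned together. It assumes the fingerprint is the base64 SHA-256 of the certificate's SubjectPublicKeyInfo; the certificates are constructed skeletons and every function name is hypothetical.

```python
import base64
import hashlib

def read_tlv(buf, pos):
    """Parse one DER element at pos: (tag, whole element, value, next offset)."""
    tag, first, hdr = buf[pos], buf[pos + 1], 2
    length = first
    if first & 0x80:                      # long form: next n bytes hold the length
        n = first & 0x7F
        length, hdr = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), 2 + n
    end = pos + hdr + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:end], buf[pos + hdr:end], end

def spki_pin(cert_der):
    """base64(SHA-256(SubjectPublicKeyInfo)) of a DER-encoded X.509 certificate."""
    tbs = read_tlv(read_tlv(cert_der, 0)[2], 0)[2]
    pos = read_tlv(tbs, 0)[3] if tbs[0] == 0xA0 else 0   # skip optional [0] version
    for _ in range(5):                    # serial, sigAlg, issuer, validity, subject
        pos = read_tlv(tbs, pos)[3]
    return base64.b64encode(hashlib.sha256(read_tlv(tbs, pos)[1]).digest()).decode()

def pin_matches(cert_der, pinned):
    """The pinning decision: is the presented certificate's key in the pin set?"""
    return spki_pin(cert_der) in pinned

def tlv(tag, body):
    """Minimal DER encoder, used only to build the constructed samples below."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_cert(key, serial):
    """Constructed, unsigned certificate skeleton (right field order, dummy contents)."""
    spki = tlv(0x30, tlv(0x30, b"") + tlv(0x03, b"\x00" + key))
    tbs = tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial])) + tlv(0x30, b"") * 4
    return tlv(0x30, tlv(0x30, tbs + spki) + tlv(0x30, b"") + tlv(0x03, b"\x00"))

CURRENT = sample_cert(b"current-key" * 30, 1)   # certificate the app was pinned to
RENEWED = sample_cert(b"current-key" * 30, 2)   # reissued, same key pair
ROTATED = sample_cert(b"new-key" * 30, 3)       # reissued with a new key pair
PROXY = sample_cert(b"proxy-key" * 30, 4)       # what a TLS-inspecting proxy presents

if __name__ == "__main__":
    old_only = {spki_pin(CURRENT)}
    overlap = old_only | {spki_pin(ROTATED)}
    for name, cert in [("current", CURRENT), ("renewed", RENEWED),
                       ("rotated", ROTATED), ("proxy", PROXY)]:
        print(name, pin_matches(cert, old_only), pin_matches(cert, overlap))
```

Running it prints, for each certificate, the result against the old pin alone and against the overlapping pin set.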