[SSL Pinning Plugin] Error in opening the app after installing SSL Plugin
Question
Forge component by OutSystems R&D
Application Type
Mobile

I tried to  generate the hash of my certificate public key.   


{

"hosts":[{

"host": "mydomain.com",

"hashes" : [

     "sha256/8Q28vcvKFNhzvWQlgI0=",                                                   "sha256/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB="

]


}]

}


but I always got an error after opening of my app . I always  got Request failed with an error. Is my configuration correct?

Thank you.

mvp_badge
MVP

Hello there Joseph,

Hope you're doing well.


The JSON syntax seems correct.

Can you please verify that you are setting the Target Directory property to "pinning" and the Deploy Action property to "Deploy to Target Directory"?


Also you have to specify the correct domain for the host value in the JSON and the certificate (from where you generated the hash) should be installed on that domain.


Kind regards,

Rui Barradas

Hi Rui, I get the certificate from the SSL certificate used in lifetime.i also set the target directory.Should I put https://www in my host? Thank you very much.


Best regards,


Joseph

mvp_badge
MVP

Hello Joseph,

Sorry for my late reply.


As far as I can tell, you don't need to put https://www in your host. It should work without it, you just need the domain name. I have an application using this plugin and I didn't need that part :)

You just have to make sure that the generated hash is for the correct certificate (installed on the domain where your app is).


Just as a double check: did you rebuild your app after installing the plugin? You will need to use this new version of the app :)


Kind regards,

Rui Barradas

Hi Rui yes I rebuild the app and generated new app...I installed the latest build but my app won't work

+ Addition to Rui's Answer :)

- You can validate the same either using commands or a third-party site:
https://www.sslshopper.com/certificate-key-matcher.html

Hi Assif I used this command instead but still not working openssl s_client -servername www.example.com -connect www.example.com:443 | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 a

Did you used your server name here:

openssl s_client -servername www.example.com -connect www.example.com:443 | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64

Just asking for confirmation.



just my domain or the url where I can access the app.

Can you share the error [ may be in a private msg to me]


- Considering that you're running all the respective commands on OpenSSL Console & not on the Windows CMS :)
-Do make sure if your environment uses the "*.outsystemsenterprise.com"  certificate then your command must be something like this.


openssl s_client -servername www.lorem.outsystemsenterprise.com -connect www.lorem.outsystemsenterprise.com:443 | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64



Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.