Is Certificate Pinning safe and worthwhile for an API server that will only accept requests from an android application?
I have hosted an api on an AWS Windows server, imported ssl certificates from a known CA, and made https mandatory.
Then built a client app that is an executable, then pinned the public key hash for all requests from this app to the server… Continue reading Is Certificate Pinning safe and worthwhile for an API server that will only accept requests from an android application?