TLS Generation

A core tenet of secure mobile computing is trusting connections to and from a device. Rebar has a requirement to provide SSL Pinning for all communication coming from mobile apps. To do this, we leverage SHA512 hashes of SSL certificates. This enables the app to validate that

When pinning within the mobile app config file the configuration setting rebar.tls accepts multiple SSL Pinned certificate values. We suggest pinning more than one certicate. Allowing for more than one certificate enables your organization to prestage SSL certificates before they are deployed to your environment.

Generate SHA512 Fingerprints

To generate the SSL fingerprint, enter the host name you wish to connect to (omit https:// from the domain) and tap Generate SHA512 Fingerpints - this will automatically generate your PIN values of all certificates in the certificate chain

Once you have tapped the generate button, you will see the SHA-512 hashed TLS certificate pin values.

Precautions in SSL Pinning

Please take special precautions when using SSL Pinning and choosing the correct certificate to PIN. Customers have had inaccessible apps when SSL certificates have been cycled without notice. We suggest pinning the intermediate or root certificate versus the child/leaf certificate.