Lack of Certificate Pinning in IBM Mobile First Platform 7.1

问题

The IBM Mobile First Platform 7.1 is not Supporting Certificate Pinning.

We tested the apt with IBM Blue-mix Security Scan.

Lack of Certificate Pinning Severity: Causes: Certificate pinning is not implemented/disabled for this connection. X-Force: None OWASP: M3 Fix: Enable certificate pinning for this connection.

回答1:

In MobileFirst Platform Foundation 7.1 the support for certificate pinning is as follows:

Hybrid apps: supported
Native apps: supported
MobileFirst Cordova apps: not supported

Read more about certificate pinning:

Blog post: https://mobilefirstplatform.ibmcloud.com/blog/2015/08/14/certificate-pinning-in-ibm-mobilefirst-platform-foundation-7-1/
Documentation: http://www.ibm.com/support/knowledgecenter/SSHSCD_7.1.0/com.ibm.worklight.dev.doc/monitor/c_cert_pinning_intro.html

来源：https://stackoverflow.com/questions/40355610/lack-of-certificate-pinning-in-ibm-mobile-first-platform-7-1

标签

ssl

certificate

ibm-mobilefirst

pinning

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!