i new ssl. using code given @ https://developer.android.com/training/articles/security-ssl.html#httpsexample , using able establish connection url (verified urlconnection.getresponsecode(), urlconnection of type httpsurlconnection). doubt using how ensure communicating correct server? without think there can still mitm attack. in link mentioned above there discussion this, don't know how check using java code. valuable time , help.
to verify right server, you've pin certificate. please have @ https://developer.android.com/training/articles/security-ssl.html#pinning whereby tutorial given here http://www.thoughtcrime.org/blog/authenticity-is-broken-in-ssl-but-your-app-ha/
Comments
Post a Comment