How to identify pinned certificates?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to identify pinned certificates?

L4 Transporter

Hi,

 

How can I find out if the site is using pinned certificate so that I can exclude the site from SSL decryption?

1 REPLY 1

Cyber Elite
Cyber Elite

Hi @Sly_Cooper ,

I am guessing you mean if application is used pinned certificate, not the site.

Pinned certificate means that the application which is initiating the traffic and trying to reach the public server has some additional check and expect the server to reply with specific certificate, or at least with cert that is signed only by specific CA.

 

Unfortunately if it is not explicetly mentioned in the application documentation the only way is to try it.

Try to use the application with decryption enabled, if there is a problem, try to disable the decryption, if it works add it as permanent exception.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!