/
Create SSL Certificate for SSL pinning

Create SSL Certificate for SSL pinning

SSL pinning is a mechanism to ensure the application is talking to the "Real" server, and shouldn't susceptable to "Man in the Middle" attack.

Steps:

  1. Get the original ssl certificate for the server
  2. take the leaf certificate
  3. attach it in the application

Getting SSL certificate

openssl s_client -servername dev.sunbirded.org -host dev.sunbirded.org -port 443 -showcerts


  1. Check for the domain name, as highlighted above
  2. copy from 

    -----BEGIN CERTIFICATE-----

    MIIGljCCBX6gAwIBAgIRAJU11K/RVD5pzOg+rvdI3IIwDQYJKoZIhvcNAQELBQAw

    gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
    BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
    VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
    Q0EwHhcNMTgxMjEwMDAwMDAwWhcNMTkxMjEwMjM1OTU5WjBiMSEwHwYDVQQLExhE
    .......
    ......
    .....

    -----END CERTIFICATE-----

  3. save it as leaf.crt

Related content

Certificate generation using Sunbird RC (migration from Lern to RC)
Certificate generation using Sunbird RC (migration from Lern to RC)
More like this
sunbird-lms-service will directly fetch SSO_PUBLICKEY from KeyCloakServer and use it for authetication and other purpose
sunbird-lms-service will directly fetch SSO_PUBLICKEY from KeyCloakServer and use it for authetication and other purpose
More like this
Sunbird RC QR code generation
Sunbird RC QR code generation
More like this
Nginx on Sunbird
Nginx on Sunbird
More like this