SSL Certificate Viewer
Upload your SSL certificate to view detailed information and Pin Hash
Upload certificate file
Drag and drop or click to upload a .pem, .crt, .cer, or .der file
What is SSL Pinning?
SSL Pinning (or Certificate Pinning) is a security technique that helps protect against man-in-the-middle (MITM) attacks by associating a host with its expected certificate or public key.
When an app implements SSL pinning, it will only accept connections to a server if the server presents the exact certificate or public key that was previously specified in the app's code or configuration.
This adds an extra layer of security beyond the standard certificate validation process, as it prevents attackers from using compromised or fraudulent certificates that might otherwise be trusted by the device.
Popular SSL Pinning Libraries
TrustKit
An open-source framework that makes it easy to deploy SSL pinning in iOS and macOS apps.
// Swift implementation with TrustKit
let trustKitConfig = [
kTSKSwizzleNetworkDelegates: false,
kTSKPinnedDomains: [
"example.com": [
kTSKPublicKeyHashes: [
"YourBase64EncodedPinHash",
"YourBackupBase64EncodedPinHash"
],
kTSKEnforcePinning: true
]
]
]
TrustKit.initSharedInstance(withConfiguration: trustKitConfig)Alamofire
A popular networking library for Swift that includes certificate pinning capabilities.
Best Practices
- Always include backup pins in case your primary certificate changes
- Implement a way to update pins remotely to avoid app lockout if certificates change
- Consider pinning the intermediate or root certificate instead of the leaf certificate for more flexibility
- Test thoroughly to ensure your app can still connect when certificates are rotated
- Monitor for certificate changes to avoid unexpected connection failures