[squid-users] SSL certifcate on android device not working

Amos Jeffries squid3 at treenet.co.nz
Sat May 7 03:13:34 UTC 2016


On 7/05/2016 2:43 a.m., Yuri Voinov wrote:
> Raf, this is not about pinning. This is about CA store in mobile devices.
> 

Pinning at its core is just hard-coded entries in those stores or the app.

A pinned cert can be considered like the CA equivalent of having a
non-editable /etc/hosts file entry for DNS. Lookups happen but dont go
past the hard-coded entry unless the app bypasses it specially.

Amos



More information about the squid-users mailing list