๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Advanced

What is Certificate Pinning?

A security technique that associates a host with its expected TLS certificate or public key, preventing man-in-the-middle attacks with fraudulent certificates.

Certificate pinning validates that a server presents a specific certificate or public key, rather than any certificate signed by a trusted CA. This protects against compromised Certificate Authorities and rogue certificates. Implementation approaches include pinning the leaf certificate (most restrictive), pinning the intermediate CA certificate, or pinning the public key (most flexible during certificate renewal). Mobile apps commonly use certificate pinning for API communication. Challenges include handling certificate rotation (pin the backup key too) and debugging (pinning failures are silent). HTTP Public Key Pinning (HPKP) for browsers was deprecated due to the risk of permanent lockout.
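To make the public-key variant concrete, here is an added example (not code from this glossary or from any particular library) of SPKI pinning in pure Python using only the standard library. It extracts the SubjectPublicKeyInfo from a DER certificate with a minimal DER walker (an assumption: it relies on the fixed field order of an X.509 TBSCertificate rather than being a general ASN.1 parser), computes the `sha256/<base64>` pin used by HPKP and OkHttp, and checks a presented chain against a pin set that must carry a backup pin. The certificates it tests against are constructed, unsigned placeholders built inline so the example runs offline; `make_test_certificate`, `verify_chain_pins` and `PinMismatch` are names introduced here.

```python
"""SPKI certificate pinning check, stdlib only (added example, not the page's code)."""
import base64
import hashlib


def _encode_tlv(tag: int, content: bytes) -> bytes:
    """DER-encode one TLV, using the short or long length form as required."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    len_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(len_bytes)]) + len_bytes + content


def _read_tlv(buf: bytes, pos: int):
    """Read the TLV starting at buf[pos]; return (tag, value, start, end)."""
    start = pos
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    return tag, buf[pos:end], start, end


def _children(seq_body: bytes):
    """Return [(tag, whole_tlv_bytes), ...] for the elements of a SEQUENCE body."""
    out, pos = [], 0
    while pos < len(seq_body):
        tag, _, start, end = _read_tlv(seq_body, pos)
        out.append((tag, seq_body[start:end]))
        pos = end
    return out


def spki_der(cert_der: bytes) -> bytes:
    """Extract the DER SubjectPublicKeyInfo from a DER X.509 certificate.

    tbsCertificate = [0] version OPTIONAL, serialNumber, signature, issuer,
                     validity, subject, subjectPublicKeyInfo, ...
    """
    _, cert_body, _, _ = _read_tlv(cert_der, 0)   # Certificate SEQUENCE
    _, tbs, _, _ = _read_tlv(cert_body, 0)        # tbsCertificate SEQUENCE
    fields = _children(tbs)
    offset = 1 if fields[0][0] == 0xA0 else 0     # skip the explicit [0] version if present
    return fields[offset + 5][1]


def spki_pin(cert_der: bytes) -> str:
    """Pin in the HPKP / OkHttp convention: 'sha256/' + base64(SHA-256(SPKI))."""
    digest = hashlib.sha256(spki_der(cert_der)).digest()
    return "sha256/" + base64.b64encode(digest).decode("ascii")


class PinMismatch(Exception):
    """Carries the observed pins so a pinning failure is diagnosable rather than silent."""


def verify_chain_pins(chain_der, pins) -> str:
    """Return the first pin satisfied by any certificate in the presented chain.

    Which element satisfies the pin (leaf, intermediate or root) is a policy
    choice expressed by what is in `pins`. A deployment should ship at least
    two pins: the live key and an offline backup key for rotation.
    """
    if len(pins) < 2:
        raise ValueError("pin set needs a backup pin to survive key rotation")
    observed = [spki_pin(c) for c in chain_der]
    for pin in observed:
        if pin in pins:
            return pin
    raise PinMismatch(f"no pin matched; chain presented {observed}")


def make_test_certificate(key_bytes: bytes) -> bytes:
    """Constructed, unsigned certificate-shaped DER for offline testing only."""
    rsa_oid = _encode_tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01")
    alg_id = _encode_tlv(0x30, rsa_oid + _encode_tlv(0x05, b""))
    spki = _encode_tlv(0x30, alg_id + _encode_tlv(0x03, b"\x00" + key_bytes))
    empty_seq = _encode_tlv(0x30, b"")
    tbs = _encode_tlv(
        0x30,
        _encode_tlv(0xA0, _encode_tlv(0x02, b"\x02"))   # [0] version v3
        + _encode_tlv(0x02, b"\x01")                     # serialNumber
        + alg_id + empty_seq + empty_seq + empty_seq     # signature, issuer, validity, subject
        + spki,
    )
    return _encode_tlv(0x30, tbs + alg_id + _encode_tlv(0x03, b"\x00"))


if __name__ == "__main__":
    leaf = make_test_certificate(b"\x01" * 32)
    backup = make_test_certificate(b"\x02" * 32)
    pins = {spki_pin(leaf), spki_pin(backup)}
    print("matched", verify_chain_pins([leaf], pins))
```

In a real client the chain comes from the TLS handshake (for example the DER certificates from `ssl.SSLSocket.getpeercert(binary_form=True)` for the leaf), and the check runs after ordinary CA validation, not instead of it. Raising `PinMismatch` with the observed pins is what turns an otherwise silent failure into something a log line or crash report can explain.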

Related Terms

OWASP Top 10
A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.
CORS (Cross-Origin Resource Sharing)
A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.
Rate Limiting
A technique that controls the number of requests a client can make to a server within a specified time period.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
Firewall Rules
Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.
API Security
Practices and mechanisms for protecting APIs from unauthorized access, data breaches, and abuse.