SSL Implementation Check - SSL Certificate Verification #16
Description
When we sent our build for security testing its failing with the following issue.
This app does not check the validation of SSL Certificate. It allows self-signed, expired or mismatch CN certificates for SSL connection.
Following classes may be vulnerable, Please manually confirm
- io.fabric.sdk.android.services.network.HttpRequest.getTrustedFactory()
- io.fabric.sdk.android.services.network.NetworkUtils.getSSLSocketFactory()
Any suggestions