Skip to content

SSL Implementation Check - SSL Certificate Verification #16

@dhamothar

Description

@dhamothar

When we sent our build for security testing its failing with the following issue.
This app does not check the validation of SSL Certificate. It allows self-signed, expired or mismatch CN certificates for SSL connection.
Following classes may be vulnerable, Please manually confirm

  1. io.fabric.sdk.android.services.network.HttpRequest.getTrustedFactory()
  2. io.fabric.sdk.android.services.network.NetworkUtils.getSSLSocketFactory()
    Any suggestions

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions