SSL pinning
Hi, is there any way to make SSL pinning working on Railway? I need my custom or a static SSL certificate that does not change a fingerprint
13 Replies
Project ID:
N/AN/A
i wanna take a guess, some esp project?
nah, a desktop app and want to make our Auth API more secure, because rn some ppl are spoofing the auth request and basically bypassing a license verification
oh interesting, but this wouldnt be possible, i also don't see how a pinned ssl cert helps here?
yh i figured out a couple mins ago :/ it would be just another layer of security, we would be sure that the response is original from our auth api and not spoofed via proxy like Fiddler or so
Solution
if users can spoof auth so easily, you have far bigger issues imo
well they were up until now, its just one guy now (like 3 in the past year totally) but still, we dont like anyone using our app for free
I think you should rethink your auth then, i don't think it's an efficient use of time to go off and worry about ssl
auth wasn't made by me π it was secure enough up until now, it was actually made by an ex-google engineer lol
but time to rewrite
does that explain the ex part?
nah
more like budget limited π
well no time for an auth re-write like the present