Topic
  • No replies
4GK5_Cannic_Hung
4GK5_Cannic_Hung
4 Posts

Pinned topic Certificate Pinning for Mobile Testing

‏2014-04-28T22:31:03Z |

Hello,

I came across with an excellent article in regards to "Secure Your Mobile Applications".  It mentioned for situation like certificate or public key pinning, the AppScan certifcate must be "hardcoded" inside the mobile hybrid applications.  How do I export the AppScan certificate?  I cannot find the answer anywhere online  Thanks!

By the way, I am using AppScan Standard 9.0

 

 

  • warrenm1
    warrenm1
    224 Posts
    ACCEPTED ANSWER

    Re: Certificate Pinning for Mobile Testing

    ‏2014-04-29T15:09:56Z  

    Hi,


    There is an AppScan Extension attached.  After installed in AppScan under Tools/Extension/Extension manager (and restart appscan) if you run it it will install AppScans Certificate in the trusted root of your system.

     

    If you wanted to export/move that elsewhere you could then open certmgr.msc and go to Trusted Root Certificates/Certificates and open AppScan_root_untrusted

     

    Regards,

    Attachments

  • warrenm1
    warrenm1
    224 Posts

    Re: Certificate Pinning for Mobile Testing

    ‏2014-04-29T15:09:56Z  

    Hi,


    There is an AppScan Extension attached.  After installed in AppScan under Tools/Extension/Extension manager (and restart appscan) if you run it it will install AppScans Certificate in the trusted root of your system.

     

    If you wanted to export/move that elsewhere you could then open certmgr.msc and go to Trusted Root Certificates/Certificates and open AppScan_root_untrusted

     

    Regards,

    Attachments

  • 4GK5_Cannic_Hung
    4GK5_Cannic_Hung
    4 Posts

    Re: Certificate Pinning for Mobile Testing

    ‏2014-04-29T15:55:37Z  
    • warrenm1
    • ‏2014-04-29T15:09:56Z

    Hi,


    There is an AppScan Extension attached.  After installed in AppScan under Tools/Extension/Extension manager (and restart appscan) if you run it it will install AppScans Certificate in the trusted root of your system.

     

    If you wanted to export/move that elsewhere you could then open certmgr.msc and go to Trusted Root Certificates/Certificates and open AppScan_root_untrusted

     

    Regards,

    Thanks for the quick reply.  It works great.