Certificate Pinning on Android: OkHttp & Network Security Config

Certificate Pinning on Android: OkHttp & Network Security Config Certificate pinning protects against compromised CAs and man-in-the-middle attacks. Android provides two approaches: Network Security Configuration and OkHttp pinning. Network Security Config Approach Create network_security_config.xml : <?xml version="1.0" encoding="utf-8"?> <network-security-config> <domain-config> <domain includeSubdomains= "true" > example.com </domain> <pin-set> <pin digest= "SHA-256" > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= </pin> <pin digest= "SHA-256" > BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB= </pin> </pin-set> </domain-config> </network-security-config> Reference in AndroidManifest.xml: <application android:networkSecurityConfig= "@xml/network_security_config" > ... </application> OkHttp CertificatePinner val certificatePinner = CertificatePinner . Builder () . add ( "example.com" , "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" ) . add ( "example.com" , "sha256/BBBBBBBBBBBBBBBBBBB

Certificate Pinning on Android: OkHttp & Network Security Config

Related Articles

Vibe Coding Isn’t for Everyone (And That’s the Point)

Sometimes We Make Mistakes (Meta’s Cost $80 Billion)

Gate.io vs KuCoin — Which Crypto Exchange Is Better? (2026)

How to Build a Real Multi-Agent Engineering Workflow With oh-my-claudecode

Clean Code Principles Every Software Engineer Should Follow

Related Articles

How-To
Vibe Coding Isn’t for Everyone (And That’s the Point)
Medium Programming • 7h ago

How-To
Sometimes We Make Mistakes (Meta’s Cost $80 Billion)
Medium Programming • 7h ago

How-To
Gate.io vs KuCoin — Which Crypto Exchange Is Better? (2026)
Dev.to Beginners • 8h ago

How-To
How to Build a Real Multi-Agent Engineering Workflow With oh-my-claudecode
Medium Programming • 9h ago

How-To
Clean Code Principles Every Software Engineer Should Follow
Medium Programming • 10h ago