SSL pinning is a technique used to validate secure connections in mobile apps where the client checks that the server certificate matches a known copy of the certificate stored in the app, to prevent man-in-the-middle attacks. This differs from regular SSL in that it does not rely on certificate authorities and pinning certificates will eventually expire, requiring an app update or downloading a new certificate. The AndroidPinning library facilitates certificate pinning in Android apps, while M2Crypto provides Python wrappers for OpenSSL including SSL functionality.

1. Mobile
SSL Pinning
1

2. 2
SSL Pinning
SSL Pinning
Using SSL for network connections is the method of ensuring secure data
transmission.
SSL Pinning is like Web SSL ,secure the connection between the client and the
server.
the deferent is SSL Pinning is making sure the client checks the server’s
certificate against a known copy of that certificate.
This method is called “Pre-shared key”.
If the certificate is not match the connection will dropped.

3. 3
SSL Pinning Problem
SSL Pinning Problem
The certificate embedded in your app will eventually expire.
You have to either plan for an app update that contains an updated certificate, or code a
way for the application to download the new certificate.

4. 4
Android Pinning Master
Android Pinning Master
AndroidPinning is a standalone Android library project that facilitates certificate pinning
for SSL connections from Android apps, in order to minimize dependence on Certificate
Authorities.

5. 5
M2Crypto
M2Crypto
M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA, DH,
EC, HMACs, message digests, symmetric ciphers (including AES); SSL functionality to
implement clients and servers
Installation command:
pip install M2Crypto