Forum Discussion

Nimbostratus

Mar 06, 2017

SSL pinning

We are in development stage for mobile app and we successfully integrate Frond end application server with F5 ASM . We have new change request in order to secure mobile application with SSL certific...

ASM Advanced WAF

security

Simon_Waters_13

Cirrostratus

Mar 07, 2017

No, the F5 probably can't make your Android app pin.

You can use HPKP to pin certificates in browsers, but it is unlikely that mobile apps will honour these settings, since it requires client side state to be preserved between visits.

There should be no MITM with TLS unless the user or the device has added a trusted CA. But if you want to pin and many mobile apps do, you'll what to change the app.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL pinning

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

LLM Streaming Session Pinning for WebSocket AI Gateways

SSL Profiles Part 6: SSL Renegotiation

SSL Orchestrator Service Extensions: DoH Guardian

Introduction to BIG-IP SSL Orchestrator

wccp configuration for SSL Orchestrator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS