Forum Discussion

Nimbostratus

Mar 06, 2017

SSL pinning

We are in development stage for mobile app and we successfully integrate Frond end application server with F5 ASM . We have new change request in order to secure mobile application with SSL certific...

ASM Advanced WAF

security

Simon_Waters_13

Cirrostratus

Mar 07, 2017

No, the F5 probably can't make your Android app pin.

You can use HPKP to pin certificates in browsers, but it is unlikely that mobile apps will honour these settings, since it requires client side state to be preserved between visits.

There should be no MITM with TLS unless the user or the device has added a trusted CA. But if you want to pin and many mobile apps do, you'll what to change the app.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL pinning

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

SSL Orchestrator Service Extensions: DoH Guardian

SSL Profiles Part 6: SSL Renegotiation

wccp configuration for SSL Orchestrator

Introduction to BIG-IP SSL Orchestrator

Service Extensions with SSL Orchestrator: Advanced Blocking Pages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS