Forum Discussion

Nimbostratus

Mar 06, 2017

SSL pinning

We are in development stage for mobile app and we successfully integrate Frond end application server with F5 ASM . We have new change request in order to secure mobile application with SSL certific...

ASM Advanced WAF

security

Simon_Waters_13

Cirrostratus

Mar 07, 2017

No, the F5 probably can't make your Android app pin.

You can use HPKP to pin certificates in browsers, but it is unlikely that mobile apps will honour these settings, since it requires client side state to be preserved between visits.

There should be no MITM with TLS unless the user or the device has added a trusted CA. But if you want to pin and many mobile apps do, you'll what to change the app.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL pinning

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

F5 LACP

How APM GET IOS UUID & Andriod MAC

Expired client-certificate

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Related Content

wccp configuration for SSL Orchestrator

SSL Orchestrator Service Extensions: DoH Guardian

Introduction to BIG-IP SSL Orchestrator

SSL Profiles Part 6: SSL Renegotiation

Updating SSL Certificates on BIG-IP using REST API

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS