Issue #880

From iOS 14, we can do Identity Pinning: How to configure server certificates for your app right from Info.plist

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSPinnedDomains</key>
        <dict>
            <key>awesome.apps.example.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSPinnedCAIdentities</key>
                <array>
                    <dict>
                        <key>SPKI-SHA256-BASE64</key>
                        <string>12312312312xasdas123asdasdasdasdsad</string>
                    </dict>
                </array>
            </dict>
        </dict>
    </dict>

There are a few drawbacks

  • The subdomains works for multiple part host as well, as long as it is 1 subdomain level
  • Need to duplicate values in each Info.plist
  • Need to duplicate values if the host differs
  • Can’t use User Defined Settings variables in localized Info.plist
  • Does not work for CFNetwork, WKWebView

Read more