I want to protect my google cloud endpoint APIs from man in the middle attack using SSL Pinning through OKHTTP CertificatePinner <https://square.github.io/okhttp/3.x/okhttp/okhttp3/CertificatePinner.html>. Before I proceed, I have few questions in my mind:
(hostname is "[email protected]") 1. does google changes its server certificate along with CA certificates i.e. renewing certificate time to time? 2. does google notify us that its going to renew the certificate.? 3. do we also require to update the pinned certificate at the client side whenever google changes its certificates.? 4. what is the best way to achieve that or any other suggestion is welcome -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/6711b15c-f694-43bf-bd48-97f4517c1fdd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
