ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA Mobile SDK: CA Mobile API Gateway on Android does not enforce certificate pinning properly


Article ID: 239084


Updated On:


CA Mobile API Gateway CA API Gateway


Mobile SDK on Android does not implement certificate pinning.

If an endpoint presents an expired certificate or the leaf certificate does not match which is in the MSSO Config file, Android SDK does not return certificate pinning error.


Release : 2.1

Component : MOBILE SDK


This should fixed in the future release of Mobile SDK which should be available in the last quarter of 2022.