Asked Questions

I am searching for 2 days for my problem and i had no luck in finding it.

my problem :

I have comodo ssl/tls certificate installed on my server, and I am using android volley library for connecting to server, until now i was using just \"https://...\" for my url and connecting via https connection to my server with no problem. but i recently installed \"packet capture\" android application on my phone, by default settings and a phone which is not rooted it cannot retrieve post/response information from my app to the server, but when you use a rooted phone, the packet capture app asks you to install a custom certificate on the phone so it can retrieve even ssl/tls connection, At first I though it\'s joking, but after installing the certificate it shows the whole information used in ssl connection to my server... I am so worried about the security of my app, which a hacker can use that capturing app to know what to send to my server and sets his coin number for example to 100000 :(

please show me a way to make my app\'s connection more secured . * I do\'nt have a custom certificate installed on the app because the server certificate is trusted and working ok with the default use.

sorry for my poor English typing :)

Edit : thanks to @Ch4t4r for the idea... I did searched and find this for pinning the public key and it\'s so great, here is the github link : https://github.com/faruktoptas/volley-public-key-pinning

hope it helps others having the same problem

Views
31
Answers
0
Views
6
Answers
0
Edit Account
LOGIN INFORMATION
Change Settings
Email Notifications Notifications will be sent to abcd@gmail.com
Select option for your email notifications:
Mature / News Filter We'll send on email when new jobs are posted
Option 2 for email notification We'll send on email when new jobs are posted