What is the proper way to enable certificate pinning on iOS?
When we tried to enable enable_public_key_pinning, trusted_public_pki and trusted_cert_pinned_public_key_hashes in MSSO JSON for iOS, the Application crashes to execute MAS Start (errors cannot be collected), and cannot run.
However when we enable the parameters enable_public_key_pinning, trusted_public_pki and trusted_cert_pinned_public_key_hashes in Android, the application works fine.
I believe the problem you are facing is due a difference between iOS and Android on how to setup the public key hashes on the msso_config file.
Android SDK expects the public key hash to be set plain text in a array of arrays:
iOS SDK expects the public key hash to be set in a base64 format in a array of strings:
"trusted_cert_pinned_public_key_hashes": ["47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=", "HaDE0F3aPsDAqDRYZHYUGM5An8dlCCTRjwR7A1+xOqU="],
The way to setup it will be aligned in a future release of the SDK.
Please, let us know if you need any further assistance to solve this issue.