APPLICATION SECURITY CONFIGURATION (FOR SSL PINNING)
Root Check -> Ensure Step 3 is completed.
1. The package names of the Servicing and Authenticator apps must also be maintained in the same table, DIGX_FW_CONFIG_ALL_B, under the following keys respectively:
ANDROID_SERVICING_PACKAGE and ANDROID_AUTHENTICATOR_PACKAGE
An example query will be:
insert into digx_fw_config_all_b (PROP_ID, CATEGORY_ID, PROP_VALUE, FACTORY_SHIPPED_FLAG, PROP_COMMENTS, SUMMARY_TEXT, CREATED_BY, CREATION_DATE, LAST_UPDATED_BY, LAST_UPDATED_DATE, OBJECT_STATUS, OBJECT_VERSION_NUMBER)
values ('ANDROID_SERVICING_PACKAGE', 'mobileconfig', 'com.ofss.zigbank', 'N', '', 'Stores device id in OUD', 'ofssuser', sysdate, 'ofssuser', sysdate, 'Y', 1);
SSL Pinning
2. Get the Base64-encoded SHA-256 hashes of the public keys of the server's valid certificates. Use the command below to generate this hash for a certificate, replacing '<certificate.der>' with the path to your certificate.
openssl x509 -inform der -in <certificate.der> -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
3. Add the hashed keys generated in point 6 to the 'certificate_public_keys' array in the zigbank\platforms\android\customizations\src\main\res\values\app.properties.xml file. Prefix each key with 'sha256/' and place it in an <item> tag as shown below. Multiple certificate keys can be added to the 'certificate_public_keys' array by adding each one in its own <item> tag.
Example:
<string-array name="certificate_public_keys">
<item>sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=</item>
</string-array>
Example with multiple keys:
<string-array name="certificate_public_keys">
<item>sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=</item>
<item>sha256/3rgsgghoqrDegekpkkgk92Fgw1w7exyYCS1okef9Oo1w=</item>
</string-array>
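
A malformed entry in 'certificate_public_keys' (missing 'sha256/' prefix, truncated hash, pasted twice) is easy to miss until the app refuses every connection. The following check is an added example, not part of the product or the original page. The function name check_pins, the <resources> wrapper element and all sample entries except the first pin are assumptions constructed for illustration.

```python
import base64
import binascii
import hashlib
import xml.etree.ElementTree as ET

PREFIX = "sha256/"

def check_pins(xml_text):
    """Return (valid_pins, problems) for the certificate_public_keys array."""
    root = ET.fromstring(xml_text)
    valid, problems = [], []
    for arr in root.iter("string-array"):  # also matches when the array is the root
        if arr.get("name") != "certificate_public_keys":
            continue
        for item in arr.findall("item"):
            pin = (item.text or "").strip()
            if not pin.startswith(PREFIX):
                problems.append((pin, "missing 'sha256/' prefix"))
                continue
            b64 = pin[len(PREFIX):]
            try:
                raw = base64.b64decode(b64, validate=True)
            except (binascii.Error, ValueError):
                problems.append((pin, "not valid base64"))
                continue
            # A SHA-256 digest is 32 bytes, and re-encoding it must give the same text.
            if len(raw) != 32 or base64.b64encode(raw).decode() != b64:
                problems.append((pin, "not a 32-byte SHA-256 digest"))
            elif pin in valid:
                problems.append((pin, "duplicate entry"))
            else:
                valid.append(pin)
    return valid, problems

# Constructed sample: first pin is the page's example value, the rest are made up here.
GOOD = PREFIX + base64.b64encode(hashlib.sha256(b"constructed public key").digest()).decode()
SAMPLE = f"""<resources>
  <string-array name="certificate_public_keys">
    <item>sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=</item>
    <item>{GOOD}</item>
    <item>{GOOD[len(PREFIX):]}</item>
    <item>{GOOD[:-5]}=</item>
    <item>{GOOD}</item>
  </string-array>
</resources>"""

if __name__ == "__main__":
    ok, bad = check_pins(SAMPLE)
    print(len(ok), "valid pins")
    for pin, why in bad:
        print("REJECT", pin, "-", why)
```

Running it against the real app.properties.xml before building the app catches copy-and-paste errors from the openssl output.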