Why We need the certificate hash in order to perform certificate pinning What When using the mobile-cli to generate the mobile-services.json file, it should check the certificate of each services that use https and generate the hash value automatically. Suggested approach Aiden has done a Poc: https://github.com/aerogear/mobile-cli/pull/71. In order to make it easier to get all the hash values of the certs, we should consider group all the hashes together into one object, something like this: ``` { "https": [ { "host": "", "certificateHash": "" } ] } ``` Trello link |