Published: Apr 13, 2021
Apr 2021

SSL public key pinning is tricky. If you select the wrong policy or don't have a backup pin, your application will stop working unexpectedly. This is where TrustKit is useful — it's an open-source framework that makes SSL public key pinning easier for iOS applications. There is an equivalent framework for Android as well. Picking the correct pinning strategy is a nuanced topic, and you can find more details about it in the TrustKit Getting Started guide. We've used TrustKit in several projects in production, and it has worked out well.