What Is Certificate Pinning?
Certificate pinning is a security technique where a client is configured to trust only a specific certificate or public key for a given server, rather than any certificate signed by a trusted authority. If the presented certificate does not match the pin, the client refuses the connection. This narrows trust to keys the application explicitly expects.
Why it matters
Standard validation trusts any certificate from a recognized authority, so a mis-issued or compromised authority can enable interception. Pinning rejects those, hardening apps against man-in-the-middle attacks, at the cost of careful key-rotation handling.
Related guides
Mutual TLS - CI/CD Glossary DefinitionMutual TLS has both client and server present certificates so each proves its identity to the other, authenti…
TLS Handshake - CI/CD Glossary DefinitionA TLS handshake negotiates the cipher and exchanges keys to secure a connection after TCP connects, adding ro…
Certificate Rotation - CI/CD Glossary DefinitionCertificate rotation replaces TLS certificates before they expire, so services keep trusting each other and a…