Developers and supporting people often use proxy tools such as Fiddler for trouble shooting. However, proxy intercepting might make some apps with SSL pinning not working on Android.
For example, MS Teams has this SSL pinning coded so the app does not work with an intercepting Proxy.
SSL pinning can stop man in the middle attack effectively but also stop trouble shooting with proxy intercepting.
This SSL pinning feature is available for Android 6 and above. Developers have to implement this SSL pinning feature into their code explicitly. Apps not coded with SSL pinning can still be troubleshooted with proxy intercepting.
Comments