How can I pin a certificate with Square OKHTTP?

Question

I think I need to create a new SSL Socket Factory? Also, I don\'t want to use the global SSL Context (https://github.com/square/okhttp/issues/184) for obvious reasons.

Answer 1

If you don't have access to the domain (restricted access for example) and cant test bogus hash, but you have certificate file you can use openssl to retrieve it:

openssl x509 -in cert.pem -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64