# Certificate pinning - Wed 28th Oct, 2020
Security measures continued today; I implemented certificate pinning in C+.
I'd seen [this excellent talk](https://youtu.be/CwFD_Eb_0Qo?t=583) in person at the React Native London meetup. He suggests [libraries that handle the certificate pinning on the JS side](https://github.com/MaxToyberman/react-native-ssl-pinning).
Ultimately, I did not go down this route. I feel it's safer to simply hijack all network calls on the native side (and shut them all down if the pin doesn't match the server's). It's also easier and less error-prone, as I don't have to override the [existing Fetch method](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API).
So, on iOS, I used the excellent [TrustKit](https://github.com/datatheorem/TrustKit) library, and on Android I used the built-in OkHttpClient.
[This guide was really helpful](https://itnext.io/react-native-security-ssl-pinning-cde086210d58) to set it all up.
It was all surprisingly easy. Certificate pinning seems like a very simple precaution you can take with your app to greatly increase security and peace of mind. The only downside, of course, is that you can potentially "brick" your app if your API SSL certificate changes and is not updated in-app first.
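For illustration, here is what the Android half of this approach can look like. This is an added example, not the code from this project: the package, class name, host name and pin values are assumptions (the pins are constructed placeholders), and the second, backup pin is an addition aimed at the "brick" risk above.

```java
package com.example.app; // hypothetical package name

import com.facebook.react.modules.network.OkHttpClientFactory;
import com.facebook.react.modules.network.OkHttpClientProvider;

import okhttp3.CertificatePinner;
import okhttp3.OkHttpClient;

/**
 * Builds the OkHttpClient that React Native's networking module uses,
 * so every fetch()/XMLHttpRequest call from JS goes through the pin check.
 */
public class PinnedClientFactory implements OkHttpClientFactory {

    // Assumed host; replace with the API host the app talks to.
    private static final String API_HOST = "api.example.com";

    // Constructed placeholder pins. A real pin is "sha256/" followed by the
    // base64 SHA-256 hash of the certificate's SubjectPublicKeyInfo.
    private static final String CURRENT_PIN =
            "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
    // Pin of a spare key kept offline. If the live certificate has to be
    // replaced, a certificate issued for this key still matches, so
    // already-installed app versions keep working.
    private static final String BACKUP_PIN =
            "sha256/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBE=";

    @Override
    public OkHttpClient createNewNetworkModuleClient() {
        // The connection is accepted if any certificate in the verified
        // chain matches either pin; otherwise OkHttp aborts the request
        // with an SSLPeerUnverifiedException.
        CertificatePinner pinner = new CertificatePinner.Builder()
                .add(API_HOST, CURRENT_PIN, BACKUP_PIN)
                .build();

        // Start from React Native's default builder so its cookie jar and
        // timeouts are preserved, then attach the pinner.
        return OkHttpClientProvider.createClientBuilder()
                .certificatePinner(pinner)
                .build();
    }
}
```

The factory is registered once, before any request is made, by calling `OkHttpClientProvider.setOkHttpClientFactory(new PinnedClientFactory());` in `MainApplication.onCreate()`.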
###### tags: `programmingjournal` `2020` `C+` `security` `certificatepinning`