Certificate Pinning
Security
Restricting TLS trust to specific keys/certificates.
Definition
Pinning constrains the server certificates a client will accept to a known set, usually expressed as SPKI (public key) pins, so that trust no longer depends on the entire CA ecosystem.
In plain English
The app only trusts the server if the server's key or certificate matches one it already knows, rather than accepting anything a public CA has signed.
Why this matters
Pinning can mitigate mis-issued certificates, but it introduces operational risk during key rotation and certificate renewal: if the deployed key no longer matches a pin, clients reject the connection.
Example
An app hashes the server's public key (SPKI) and compares it against a pinned hash before trusting the TLS connection.