Certificate pinning for mendix app

Hi, I'm wondering anybody has experience integrating the following plugin in mendix app to prevent man in the middle attack. https://github.com/EddyVerbruggen/SSLCertificateChecker-PhoneGap-Plugin I keep getting CONNECTION_NOT_SECURE. One thing I have seen is that the certificate thumbprint for the mendix app keeps changing and that could be the reason why its not able to validate the fingerprint. Probably because its running from cloud. Any help would be highly appreciated. Here are the steps I followed:- I have included in the phonegap config.xml. The following script in included in index.html <script type="text/javascript"> document.addEventListener("deviceready", onDeviceReady, false); function onDeviceReady() { var server = "https://build.phonegap.com"; var fingerprint = "‎77 8d d9 8a 7d 2b c5 25 a1 8f 16 d0 0d 43 4a cb 6a 37 02 01"; window.plugins.sslCertificateChecker.check( successCallback, errorCallback, server, fingerprint); function successCallback(message) { alert(message); // Message is always: CONNECTION_SECURE. // Now do something with the trusted server. } function errorCallback(message) { alert(message); if (message == "CONNECTION_NOT_SECURE") { // There is likely a man in the middle attack going on, be careful! } else if (message.indexOf("CONNECTION_FAILED") >- 1) { // There was no connection (yet). Internet may be down. Try again (a few times) after a little timeout. } } } </script>  
0 answers