You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In our own application we use the certificate directly from public-api.sandbox.bunq.com (old key in our version is: SUiIQk086/o/n95Z/GMKJYaV7SBbvr/pZC8lNxfvzu0= ) instead of the parent certificate that is used in this SDK (amazon root CA 1 ) .
When I tried to connect with the SDK to the sandbox with our own version to ( public-api.sandbox.bunq.com ). I noticed this in ApiClient::post
What should happen:
A connection should be made and pinned ssl certificate should match the server certificate. When using a root certificate you're not really doing ssl pinning because it's not specific enough.
What happens:
When you use the old server sha256 pin key an error like below is logged :
Steps to reproduce:
When I tried to connect with the SDK to the sandbox with our own version to ( public-api.sandbox.bunq.com ). I noticed this in ApiClient::post
What should happen:
What happens:
Traceback
SDK version and environment
Response id
n/a
Extra info:
easy way to get the pinnedkey is by dropping the url ( public-api.sandbox.bunq.com ) into https://www.ssllabs.com/ssltest/ and search for
Pin SHA256
The text was updated successfully, but these errors were encountered: