Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Chrome's TLS pinned are enforced in Brave
See original GitHub issueChrome’s list of pinned certs ends up being used in Brave, probably because of the copy of it that’s shipped via the PKI Metadata component (kp_pinslist.pb).
Need to figure out whether or not we should disable this.
Test URL (in Chrome’s list): https://pinning-test.badssl.com/
Issue Analytics
- State:
- Created a year ago
- Comments:9 (6 by maintainers)
Top Results From Across the Web
Chrome's TLS pinned are enforced in Brave - PullAnswer
Chrome's list of pinned certs ends up being used in Brave, probably because of the copy of it that's shipped via the PKI...
Read more >TLS pins are not working · Issue #15667 · brave/brave-browser
Preloaded TLS pins are not working in Brave. For example https://pinning-test.badssl.com/ loads just fine instead of being blocked with a TLS error.
Read more >Disable TLS 1.0 and 1.1 and Enable DoH/DoT
Chrome/Brave can only be made to use only TLS 1.2 and above by a command-line switch. This can be implemented by setting up...
Read more >Stop Certificate Pinning | DigiCert.com
Pinning is especially problematic with publicly trusted TLS certificates because they must adhere to ever-evolving rules, decreasing maximum ...
Read more >Internet Security: Is it possible to force browsers like Chrome ...
To tweak the settings, point your browser to about:config. To disable SSL version 3 (to force Firefox to always use TLS 1.0 or...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Suggested addition to the smoketests to cover this issue too: https://github.com/brave/qa-resources/pull/455
Verification passed on
https://ssl-pinning.someblog.org/
confirmed I received a warning about the site not being pinned
https://pinning-test.badssl.com/
confirmed I got the red error page