Certificate Hardening Enforcement Notification

Learn how to customize the Certificate Signature Enforcement Notification that will display to a mobile user if Appdome detects that the TLS/SSL certificate has been signed using weak encryption.

About Certificate Signature Hardening

Appdome Certificate Signature Hardening service secures your app’s connections by verifying that aside from being secure HTTP connections, the certificates are also signed using strong encryption and hashing methods. Customers choose one or more of the following options:

  • Enforce Strong RSA Signature – enforces leaf and intermediary certificates received from the server to be signed with a Rivest-Shamir-Adleman (RSA) key with a length of at least 2048 bits
  • Enforce Strong ECC Signature – enforces leaf and intermediary certificates received from the server to be signed with an Elliptic-Curve Cryptography (ECC) key with a size of at least 256 bits
  • Enforce SHA256 Digest – enforces leaf and intermediary certificates received from the server to be signed using a Secure Hash Algorithm 2 (SHA-2) with a digest length of at least 256 bits (SHA-256 or greater)

App Compromise Notifications

When Appdome’s technology detects that a mobile app is using a certificate that has been signed using weak encryption, the default behavior is to display an App Compromise Notification to the mobile user and drop the connection.

This Knowledge Base article provides instructions on how to customize the Certificate Signature Hardening Enforcement Notification.

We hope you find it useful and enjoy using Appdome!

Security Features on Appdome

Appdome is a no-code mobile security platform that allows users to add mobile security features to Android and iOS apps. This KB describes how to use Appdome’s simple ‘click to build’ user interface to quickly and easily customize the Certificate Signature Hardening Enforcement Notification for any mobile app – no code or coding required.

Using Appdome, there are no development or coding prerequisites. For example, there are no Appdome SDKs, libraries, plug-ins, software or hardware to implement. Likewise, there are no required infrastructure changes.  Users simply upload an Android or iOS app, select their choice of features from Appdome’s Security category, and click “Build My App”. The Appdome technology adds the chosen mobile security features to the app (plus any required standards or framework extensions) automatically, with no manual development work at all.

Prerequisites for Using Appdome for Security

How to Customize the Certificate Signature Enforcement Notification for Users

From the “Build” tab, go to the Security menu.

  1. Click  Secure Communications to expand the bundle
  2. Click on the toggle to enable Trusted Session
  3. Expand Session Management.
  4. Toggle the Enforce Strong RSA Signature switch
    (optional) Fill out the custom message that is displayed in case of a security event.
  5. Toggle the Enforce Strong ECC Signature switch
    (optional) Fill out the custom message that is displayed in case of a security event.
  6. Toggle the Enforce SHA256 Digest switch
    (optional) Fill out the custom message that is displayed in case of a security event.
  7. (optional) Enable +DEV Events if you wish that your app will handle Appdome events.
  8. Click Build My App

appdome certificate signature hardening

customizing App Compromise Notifications

Troubleshooting Tips

Check out the KB article on the most common causes for an app to exit when Appdome security has been added to your app.

How Do I Learn More?

Check out the KB article on Appdome Mobile Security Suite

To zoom out on this topic, visit Appdome for Mobile App Security on our website.

Or request a demo at any time.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Alan Bavosa

Have a question?

Ask an expert

GilMaking your security project a success!