Certificate Pinning
TLS Certificate Pinning
A technique that associates a host with its expected certificate, preventing man-in-the-middle attacks with forged certificates.
Teknik Detay
Certificate Pinning is a critical component of information security infrastructure. The Web Crypto API (crypto.subtle) provides browser-native implementations of cryptographic algorithms including AES-GCM, RSA-OAEP, ECDSA, and SHA family hash functions. All operations execute in constant-time to prevent timing attacks. Client-side security processing ensures sensitive data (passwords, keys, encrypted content) never leaves the user's device — a property that cannot be guaranteed by server-side alternatives.
Ornek
```javascript
// Certificate Pinning — Web Crypto API example
const data = new TextEncoder().encode('sensitive data');
const hash = await crypto.subtle.digest('SHA-256', data);
const hex = Array.from(new Uint8Array(hash))
.map(b => b.toString(16).padStart(2, '0')).join('');
```
Ilgili Araclar
P
Password Generator
P
Password Strength Checker
H
Hash Generator
H
HMAC Generator
A
AES Encrypt / Decrypt
R
Random String Generator
C
CSP Header Generator
T
Text Redactor
C
CORS Header Generator
S
SRI Hash Generator
B
Base64 Encoder / Decoder
J
JWT Decoder
U
UUID Generator
T
TOTP Configurator
S
SSL Certificate Decoder
Ilgili Terimler
AES
RSA
SHA-256
SSL/TLS
PGP
Steganography
Checksum
Password Hashing
QR Code
HMAC
TOTP
Key Derivation
Salt
Entropy
Public Key
OWASP Top 10
XSS
CSRF
SQL Injection
Command Injection
Path Traversal
SSRF
HSTS
Zero-Day
CVE
Penetration Testing
Threat Modeling
Defense in Depth
Insecure Deserialization
XXE
SRI
Argon2
CORS Misconfiguration
Sensitive Data Exposure
2FA
RBAC
PKI
DDoS
WAF
Nonce
E2EE
FIDO2
Clickjacking
Sandbox