Frequently Asked
Questions

Your applications maintain full functionality as they only require access to a CDN infrastructure. There is no direct communication between your apps and the web dashboard. Should the dashboard become unavailable, you can continue managing your certificates through our CLI, which connects directly to the API. Your applications will continue operating without any interruption.

Your applications remain fully operational as they only communicate with our CDN infrastructure, not the API directly. During an API outage, certificate modifications and updates through our management tools will be temporarily unavailable. However, for enterprise customers using Bring-Your-Own-Key (BYOK) and Bring-Your-Own-CDN configurations, emergency certificate changes can still be made even if both the API and web dashboard are unavailable. This scenario is extremely rare and provides an additional layer of resilience for mission-critical deployments.

TrustPin utilizes a globally distributed CDN with edge locations worldwide, delivering 99.99% uptime SLA. This enterprise-grade infrastructure ensures your certificate configurations are always accessible to your applications, with automatic failover handling regional outages seamlessly.

With Bring-Your-Own-CDN, you have complete control over your infrastructure and certificate distribution. TrustPin supports any CDN provider capable of serving plain text files - including AWS CloudFront, Azure CDN, Cloudflare, Google Cloud CDN, and others. The only requirement is the ability to host and serve static text content, making the solution highly flexible and vendor-agnostic.

TrustPin establishes a secure, cryptographically-verified communication channel between your applications and a trusted configuration source. Using public key cryptography, we ensure that only authorized parties can modify certificate information, guaranteeing both data integrity and authenticity. Our system performs certificate pinning by validating certificate fingerprints and Certificate Transparency logs. Unlike traditional approaches that embed static certificates in your application, TrustPin dynamically retrieves and verifies certificate information, providing superior protection against MITM attacks while maintaining operational flexibility.

Each TrustPin project uses isolated signing keys, limiting the blast radius of any potential compromise. In the unlikely event of key compromise, you can immediately create a new project with fresh signing keys and migrate your applications in under 5 minutes. As an additional security measure, we can remove compromised configurations from our CDN infrastructure, preventing applications with compromised keys from accessing pinning services. This multi-layered security approach ensures rapid recovery and minimal exposure.

TrustPin enhances security by cross-referencing Certificate Transparency (CT) logs with certificate validation. Beyond standard certificate hash verification, our system validates that the CT logs declared by the server match those recorded in the certificate's extensions. This additional layer of verification helps detect fraudulent certificates and ensures that only legitimate certificates, properly logged in public CT databases, are accepted by your applications.

Each TrustPin project contains only three pieces of embedded information: Organization ID, Project ID and Public Key. When creating a new project after a compromise, you have two deployment options: release a new application version with updated credentials, or leverage remote configuration capabilities (which we strongly recommend) to update these values instantly without requiring app store submissions or user updates. This architecture minimizes embedded dependencies while maintaining maximum security and operational flexibility.

All TrustPin infrastructure is hosted in Europe, ensuring GDPR compliance and EU data residency. Critically, TrustPin does not store any end-user PII (Personally Identifiable Information) or application user data. We only store certificate configurations, project metadata, and your account information. Your application users' personal data never touches our systems. This architecture-by-design approach minimizes data privacy risks and simplifies compliance requirements.

Since TrustPin does not store end-user data, GDPR data subject access requests (DSARs) for your application users do not require action from TrustPin. Only your organization's account data (email, project configurations) is stored in our systems. If you need to delete your organization's data, you can do so directly from the dashboard, or contact support for complete account deletion. All data is permanently removed within 30 days in compliance with GDPR requirements.

TrustPin integration typically takes just a few minutes and follows a streamlined 3-step process: create your project in the dashboard, configure the domains you want to protect, and integrate our lightweight SDK. The SDK requires only a single setup function call. On some platforms, this setup call automatically handles all certificate pinning, while others may require adding one or two additional lines to your existing HTTP client configuration. This minimal integration approach ensures rapid deployment without disrupting your existing architecture.

Yes, TrustPin is designed to work seamlessly in enterprise environments with TLS inspection infrastructure. While TrustPin normally protects against certificate manipulation (including corporate proxies that replace certificates), you can configure custom certificate fingerprints for specific domains. This allows enterprises to implement certificate pinning for external services using their own inspection certificates rather than the original certificates. Our dashboard provides tools to either fetch certificate information from your corporate environment or manually add custom fingerprints as needed.

The TrustPin setup requires four parameters: Organization ID, Project ID, Public Key, and Configuration URL (the latter only for Bring-Your-Own-CDN deployments). These identifiers are safely embedded in your application as they contain no sensitive secrets - the public key is cryptographically designed to be publicly known. While TrustPin provides comprehensive certificate pinning protection, we recommend implementing Runtime Application Self Protection (RASP) as part of a defense-in-depth security strategy.

Here's a practical example: Suppose your application connects to api.example.com, but your corporate proxy intercepts this traffic with its own certificate. You would configure TrustPin to pin api.example.com using your corporate proxy's certificate fingerprint rather than the original certificate from api.example.com. When your corporate certificate rotates, you simply update the fingerprint in TrustPin instead of managing the external domain's certificate. This approach ensures your applications remain secure while respecting corporate network policies and compliance requirements.

TrustPin proactively prevents certificate expiration issues. Simply configure TrustPin with your new certificate before the current one expires, or immediately upon receiving your replacement certificate. Our system supports multiple certificates per domain, allowing for seamless transitions. Once you deploy the new certificate to your server, TrustPin automatically validates it against the pre-configured certificate information, ensuring uninterrupted application functionality without any user intervention.

TrustPin revolutionizes certificate management by eliminating embedded certificates entirely. Instead of hardcoding certificates in your application, TrustPin uses cryptographically signed configuration files hosted remotely. Your application dynamically retrieves and verifies these configurations using your signing keys, ensuring authenticity and integrity. This architecture enables instant certificate updates without app store submissions, user downloads, or application restarts - delivering true zero-downtime certificate rotation. TrustPin fully supports managed certificates from providers like AWS Certificate Manager, Cloudflare, Let's Encrypt, DigiCert, and others, allowing you to benefit from automatic certificate rotation while maintaining robust certificate pinning.

Yes, TrustPin fully supports certificates from all major certificate authorities including Let's Encrypt, AWS Certificate Manager (ACM), Cloudflare, DigiCert, and any other CA. TrustPin uses SPKI (Subject Public Key Info) pinning, which is the OWASP-recommended industry best practice for certificate pinning. It's important to note that most managed certificate services (including Let's Encrypt, AWS ACM, and Cloudflare) generate new key pairs when renewing certificates by default, which means the SPKI hash changes with each renewal, just like leaf certificate hashes. This is standard secure practice. TrustPin's dynamic pinning is essential for working with these services - it allows you to update pinned certificates remotely without app releases, enabling zero-downtime rotation regardless of whether keys change. Optional: If you want SPKI hashes to remain stable across renewals (avoiding the need to update pins), you can configure your certificate provider to reuse the same private key. For example, with Let's Encrypt via Certbot, use the --reuse-key flag when renewing: 'certbot renew --reuse-key'. This generates a new certificate with the same public key, keeping your SPKI pins valid. Note that AWS ACM does not support key reuse - it always generates new keys during renewal, so you must use TrustPin's dynamic pin updates.

TrustPin imposes no technical limits on certificates per domain, providing complete flexibility for complex certificate management scenarios. The only constraints are organizational: the number of projects per organization, domains per organization, and organization creation capabilities. These limits are plan-dependent and designed to support everything from individual developers to large enterprise deployments. This unlimited certificate approach enables advanced use cases like A/B certificate testing, gradual rollouts, and complex multi-certificate architectures.

TrustPin optimizes performance through intelligent caching: configuration files are cached in application memory for 10 minutes and automatically fetched before the first network request. When the cache expires, the system seamlessly refreshes the configuration in the background. This caching strategy ensures minimal network overhead while maintaining up-to-date certificate information.

TrustPin is built upon the foundational OWASP research that specifically recommends dynamic certificate pinning over static embedded certificates. We have evolved beyond the original specifications by incorporating enterprise-grade features including configuration versioning, cloud-native infrastructure, comprehensive SDK support, command-line tools, and Certificate Transparency integration. This ensures TrustPin not only meets but exceeds OWASP mobile security recommendations while addressing real-world operational challenges.

Absolutely. TrustPin supports comprehensive security auditing through formal NDA agreements that provide read-only access to our source code repositories. Organizations can audit our SDKs, command-line tools, and API implementations to ensure they meet internal security standards. For enterprises with specific compliance requirements, we also offer specialized contracts including on-premises deployment options and additional security features tailored to your organizational needs.