What is the name of the domain?
What is the issue you’re encountering
Need advice for certificate pinning
Was the site working with SSL prior to adding it to Cloudflare?
Yes
What is the current SSL/TLS setting?
Full (strict)
What are the steps to reproduce the issue?
I would like to implement certificate pinning on iOS devices to prevent MITM attacks while also using Cloudflare’s proxy to prevent DDoS attacks.
Normally, I could just purchase an SSL certificate from a provider like Comodo for certificate pinning. However, I’m confused about how to achieve this with Cloudflare. The Edge certificate is activated, but I don’t seem to be able to download it.
Is there a way to implement certificate pinning while proxying the domain through Cloudflare (Orange proxy enabled)? This would allow me to protect the API against DDoS attacks while also preventing MITM attacks on the device through certificate pinning.
Many thanks for advice,