Certificate pinning associates a specific cryptographic certificate or public key with a host, rejecting connections that present different certificates even if they're signed by trusted certificate authorities. This prevents man-in-the-middle attacks using fraudulently issued certificates. Pinning can be implemented via HTTP Public Key Pinning (HPKP, now deprecated), application-level pinning in mobile apps, or custom TLS verification logic. URL shortening services should consider certificate pinning for their API clients and mobile SDKs to prevent traffic interception. However, pinning complicates certificate rotation and can cause outages if pins aren't updated before certificate changes. Services must balance the security benefit against operational risk, typically pinning to intermediate CA certificates rather than leaf certificates.
Certificate Pinning
A security technique where applications pre-fix trusted TLS certificates to detect and reject fraudulent certificate substitution by man-in-the-middle attackers.
Jan 13, 2026 · About 1 min read
Was this article helpful?
Related Terms
SSL/TLS
Cryptographic protocols that provide secure communication over the internet by encrypting data between client and server.
Certificate Transparency
A framework for monitoring and auditing SSL/TLS certificates to detect misissued or fraudulent certificates.
Man-in-the-Middle Attack
A cyberattack in which an attacker intercepts communication between two parties to eavesdrop on or tamper with data. HTTPS adoption has driven countermeasures forward.
HSTS
HTTP Strict Transport Security - a header that forces browsers to only connect to a website using HTTPS.
HTTPS
The secure version of HTTP that encrypts data transmitted between a browser and a web server using TLS.
QR Code Security
Measures to protect users from malicious QR codes that may lead to phishing sites or malware downloads.
Related Articles
Short URL Security Guide - Best Practices for Safe Link Sharing
A comprehensive guide to short URL security best practices. Understand the risks and learn how to share links safely and responsibly.
What Happens When You Click a Link? A Peek Behind the 0.5-Second Curtain
What happens behind the scenes when you click a link? An adventure-style guide covering DNS, requests, responses, and how URL shortener redirects work.
How to Spot and Prevent Phishing Attacks Using Short URLs
Learn to identify phishing attempts that exploit short URLs. Practical tips for protecting yourself and your organization from link-based scams.
Ready to create a short URL?
Shorten a URL for Free