AllPinsExpired

Thrown when all configured pins for the domain have expired.

This error occurs when all the certificate pins configured for a domain have passed their expiration date. This indicates a maintenance issue that requires immediate attention to restore service availability.

Common Causes

• Expired certificates that weren't renewed in time

• Outdated pin configuration in TrustPin dashboard

• Certificate rotation without pin updates

• Maintenance oversight or process failure

Immediate Actions

1. Check certificate validity: Verify if server certificate is still valid

2. Update pins: Generate new pins for current certificates

3. Emergency bypass: Consider temporary permissive mode if critical

4. Notify administrators: Alert operations team of expiration

Resolution Steps

1. TrustPin dashboard: Update expired pins with current certificate hashes

2. Certificate renewal: Renew certificates if they're also expired

3. Process review: Improve pin management and renewal processes

4. Monitoring: Set up alerts for upcoming pin expirations

Emergency Bypass

If immediate service restoration is critical:

// Temporary permissive mode for emergency access
trustPin.setup(
    organizationId = orgId,
    projectId = projectId,
    publicKey = publicKey,
    mode = TrustPinMode.PERMISSIVE  // Temporary bypass
)

Prevention

• Monitoring: Set up alerts 30 days before pin expiration

• Automation: Implement automated pin renewal processes

• Staging testing: Test pin updates in staging environment first

• Documentation: Maintain clear pin management procedures

See also