PinsMismatch

Thrown when no matching pins were found for the provided certificate.

This error occurs when the certificate's public key hash doesn't match any of the configured pins for the domain. This is a critical security error that may indicate a man-in-the-middle (MITM) attack or certificate rotation without pin updates.

Security Implications

  • High severity: Potential security threat detected

  • MITM attack: Certificate may be compromised or intercepted

  • Service disruption: Legitimate certificate rotation without pin updates

  • Configuration drift: Pins may be outdated or incorrect

Immediate Actions

  1. Do not retry: This is not a transient error

  2. Log security event: Record details for security monitoring

  3. Alert administrators: Notify security team of potential threat

  4. Block connection: Prevent potentially compromised connection

Investigation Steps

  1. Verify certificate: Check if server certificate changed legitimately

  2. Update pins: If legitimate change, update pins in TrustPin dashboard

  3. Check network: Investigate for network-level interference

  4. Review logs: Look for patterns indicating broader compromise

Example Handling

try {
    trustPin.verify("api.example.com", certificate)
} catch (e: TrustPinError.PinsMismatch) {
    // Critical security issue - do not retry
    logger.critical("Certificate pinning failed for domain")
    securityMonitor.alert("Potential MITM attack detected")
    throw SecurityException("Potential MITM attack detected")
}
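
For the "Log security event" and "Verify certificate" steps, it helps to record the pin of the key the server actually presented so it can be compared with the configured pins. The following is an added example, not part of the TrustPin SDK: it assumes pins are base64(SHA-256(SubjectPublicKeyInfo)) as in RFC 7469, and `spkiPin` and `PinMismatchEvent` are hypothetical names.

```kotlin
import java.security.KeyPairGenerator
import java.security.MessageDigest
import java.security.PublicKey
import java.util.Base64

// Assumption: a pin is base64(SHA-256(SubjectPublicKeyInfo)), the RFC 7469 convention.
// For X.509-format keys, PublicKey.getEncoded() returns the DER SubjectPublicKeyInfo.
// In an app, pass (certificate as X509Certificate).publicKey.
fun spkiPin(key: PublicKey): String =
    Base64.getEncoder().encodeToString(
        MessageDigest.getInstance("SHA-256").digest(key.encoded)
    )

// Hypothetical record for the security log: what was seen versus what was expected.
data class PinMismatchEvent(
    val domain: String,
    val observedPin: String,
    val configuredPins: Set<String>
) {
    // True when the presented key matches none of the configured pins.
    val mismatch: Boolean get() = observedPin !in configuredPins

    // One line for the security log; pins are hashes of public keys, not secrets.
    fun toLogLine(): String =
        "pin_check domain=$domain mismatch=$mismatch observed=$observedPin " +
            "configured=${configuredPins.joinToString(",")}"
}

fun main() {
    // Constructed sample keys: one that was pinned, one presented after a key change.
    val gen = KeyPairGenerator.getInstance("EC").apply { initialize(256) }
    val pinnedKey = gen.generateKeyPair().public
    val rotatedKey = gen.generateKeyPair().public
    val configured = setOf(spkiPin(pinnedKey))

    for (key in listOf(pinnedKey, rotatedKey)) {
        val event = PinMismatchEvent("api.example.com", spkiPin(key), configured)
        println(event.toLogLine())
    }
}
```

If the observed pin matches the key of a certificate the operations team issued, the mismatch is a rotation without a pin update; if nobody recognises it, treat it as network-level interference.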

Properties

open val cause: Throwable?
open val message: String?