Description
I got email with information about EOL For TLS Pinning Support.
Hello,
_We are writing to inform you of an important change regarding TLS certificate pinning support in our SDKs. On June 30, 2025, Amplitude will officially decommission support for TLS certificate pinning on the client side.
While our SDKs have not supported pinning for several releases, we understand that a small subset of customers are still using legacy versions of our SDKs with pinning enabled. If you are one of these customers, we strongly encourage you to discontinue the use of pinning as soon as possible prior to June 30, 2025.
IMPORTANT: If you continue to rely on TLS certificate pinning after this date, then you will not be able to send data to Amplitude successfully.
We understand that this change may be disruptive and apologize for the inconvenience. There are a few reasons this change is necessary:
Because the intermediate certificates being pinned in our legacy SDK versions are not managed by Amplitude, certificate authorities may at any time stop signing our new certificates if they include these outdated pinned intermediates.
In order to maintain the highest security standards, we will be moving our TLS certificate management into AWS ACM. However, one consequence of this is that we will not be able to continue pinning the same intermediates as the chain of certificate authorities will be different for certificates issued by AWS.
If you need assistance with this change or have any concerns, our technical support team is here to help._
I have checkd that under the hood react native library use older package, not the kotlin sdk. https://amplitude.com/docs/sdks/analytics/android/migrate-to-the-android-kotlin-sdk
Not so sure if its has any impact here on TLS certificate pinning support by using older sdk instead new one with switft/kotlin.
@amplitude/analytics-react-native: 1.4.7