I need collective input from StackOverFlow on how to solve the current issue i'm currently facing.
I've two application that request handshake to two different waf.
App A SSL pinning pointed to SSL A ( Version 1 )
App B SSL pinning pointed to SSL B ( Version 2 )
We've this force-update feature for the mobile application. When we upload Version 2 app to production, the Version 1 app unable to work because it's expecting SSL A to reach the server. But the server is now only accepting SSL B for SSL handshake.
So now i'm having difficulty to force update the Version 1 to Version 2 because the force-update API is failing at SSL handshake.
I was thinking adding NGINX or HAPROXY holding two cert ( SSL A + SSL B ) then redirect them to origin that is offloading/hosting the SSL cert , in this case could be a firewall or WAF.
So i was thinking is there any software or cloud services can do the redirection based on SSL or HTTP parameter in the box "2 Cert LB"
![enter image description here](https://i.stack.imgur.com/8f4Jw.png)
I've been reading some stackoverflow solution, but i'm still having issue implementing it.
Nginx if statement on ssl certificates
https://serverfault.com/questions/837541/ssl-offloading-for-multiple-domains-multiple-certs-on-haproxy
Some helpful advice or info is highly appreciated.
Thanks in advance.
question from:
https://stackoverflow.com/questions/65919782/two-app-with-different-ssl-public-key-pinning-how-to 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…