Too Long; Didn't Read
The first edition of this article implemented TLS certificate pinning for React Native apps on Android. Since then, the react-native-cert-pinner package has been enhanced to support pinning on iOS devices. With React Native, it is even more challenging, because the networking interface required to implement pinning is not exposed at the javascript layer. This is a work in progress, currently available on Android and iOS, with additional package automation and security to follow. The React Native app can pin a server’s leaf and intermediate certificates, even if their certificate authorities are trusted by the device.