hCaptcha/hcaptcha-android-sdk

Android SSL-certificate pinning

CAMOBAP opened this issue · 2 comments

Looks like no third-party libraries are needed; this can be achieved with a single config: https://developer.android.com/training/articles/security-config#CertificatePinning

Upd. We need to be able to update certs: https://github.com/wultra/ssl-pinning-android allows dynamic SSL pinning

This would have the same issue as any naive pin: you can get stuck on an old cert. Their suggestion to expire pins after time X is laughable.

Check out the same source used for the iOS pinning for Android details.
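
For reference, the single-config approach linked in the issue looks like the following. This is an added example, not part of the thread or of the hCaptcha SDK; the domain, the expiration date and both pin values are placeholders. It shows the two attributes the discussion turns on: the backup pin and the pin-set expiration.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- res/xml/network_security_config.xml
     Enabled from the manifest's <application> element with
     android:networkSecurityConfig="@xml/network_security_config".
     Placeholder values throughout: replace the domain, date and pins. -->
<network-security-config>
    <domain-config>
        <!-- Placeholder host; pins apply to it and to its subdomains. -->
        <domain includeSubdomains="true">example.com</domain>

        <!-- Pins are enforced only until the expiration date. After it,
             pinning is not performed for this domain and the connection
             is validated against the normal trust anchors, so an app that
             was never updated keeps connecting but is no longer pinned. -->
        <pin-set expiration="2030-01-01">
            <!-- Base64 of the SHA-256 hash of the SubjectPublicKeyInfo of
                 a certificate in the chain served today. -->
            <pin digest="SHA-256">PLACEHOLDER_CURRENT_SPKI_SHA256_BASE64=</pin>

            <!-- Backup pin for a key that is not yet deployed. Without it,
                 rotating the server key before the expiration date rejects
                 every installed copy of the app that carries only the old pin. -->
            <pin digest="SHA-256">PLACEHOLDER_BACKUP_SPKI_SHA256_BASE64=</pin>
        </pin-set>
    </domain-config>
</network-security-config>
```

A connection to the pinned domain is accepted when at least one certificate in the validated chain has a public key matching one of the listed pins. The pins are compiled into the app, so changing them requires shipping an app update.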