Comment by kstrauser
No, the idea is that the app has the server's public key embedded in them, and they use that to verify that they're connecting only to the server with the corresponding private key.
No, the idea is that the app has the server's public key embedded in them, and they use that to verify that they're connecting only to the server with the corresponding private key.