add fingerprints from env variable

README.md

@@ -56,6 +56,11 @@ session.setProxy(proxy);
 // now do your API calls
 ```
 
+You can add valid SSL fingerprints by adding them to the `FIGO_API_FINGERPRINTS` environment variable. Fingerprints
+need to be added in HEX format without column delimiters. A column delimiter is used to indicate the next element in
+the list of fingerprints.
+
+
 To disable the SSL certificate pinning (not recommended) do the following:
 ```java
 // first create the FigoSession object

src/main/java/me/figo/internal/FigoTrustManager.java

@@ -71,8 +71,9 @@ public void checkServerTrusted(X509Certificate[] certs, String authType) throws
             throw new CertificateException("No certificate found");
         } else {
             String thumbprint = getThumbPrint(certs[0]);
-            if (!VALID_FINGERPRINTS.contains(thumbprint))
+            if (!VALID_FINGERPRINTS.contains(thumbprint) && !this.getFingerprintsFromEnv().contains(thumbprint)){
                 throw new CertificateException();
+            }
         }
     }
 
@@ -89,4 +90,9 @@ private static String getThumbPrint(X509Certificate cert) {
             return "";
         }
     }
+
+    private static List<String> getFingerprintsFromEnv()    {
+        String fingerprintList = System.getenv("FIGO_API_FINGERPRINTS");
+        return Arrays.asList(fingerprintList.split(":"));
+    }
 }