Preventing man-in-the-middle with HTTPS?

Has anyone found a way to check server’s certificate fingerprint, force client to only trust given certificate(s), or otherwise prevent man-in-the-middle attacks when communicating through HTTPS?

Network.request doesn’t currently seem to support that, and I’m having hard time finding examples on how to do it with the OpenSSL plugin either.