Key pinning / Nginx reverse proxy
francis at daoine.org
Sun Feb 21 08:37:33 UTC 2016
On Sun, Feb 21, 2016 at 10:22:31AM +0200, Thierry wrote:
> Thx for your help, but I still do have the same problem.
> Public Key Pinning (HPKP) No
> I don't know what to do anymore ...
curl -I https://your-server/your-test-url
Every line in that response comes from your nginx config (possibly
including defaults) or your back-end config (passed through).
Do you see a "Public-Key-Pins:" line?
If so, does it have the content that you expect?
If not, what part of your nginx config processed the request; and does
that part have the add_header directive that you want?
If this is a public web server without any special authentications,
then the curl response contains no secrets.
Francis Daly francis at daoine.org
More information about the nginx