Pinned certificate using Let's Encrypt?
Hi,
I would like to know if the Let's Encrypt code used by cPanel will preserve your pinned key so that standalone or any other application can use Pinned Key verifications?
Or would it be possible that we have an option where it would update the certificate when its life ends using the same pinned key? An option in the panel that we can check to keep it.
SIDE NOTE: this specific question is not about HPKP, but the public key it self.
Thanks...
-
Hello, There's no support for public key pinning at this time, but the following feature request is open: Enhance SSL security: Public Key Pinning (HPKP) I encourage you to vote and add feedback to this request. Thanks! 0 -
Hello, There's no support for public key pinning at this time, but the following feature request is open: Enhance SSL security: Public Key Pinning (HPKP) I encourage you to vote and add feedback to this request. Thanks!
Thanks Michael, I already knew about that request and already supported it, but would there be a short guide(step by step) on how to do that with a single domain on cPanel and retain that format as in not let it be overriden? For testing purposes...0 -
Hello, The following third-party URLs offer information on how to implement this manually until the feature is included with cPanel: HTTP Public Key Pinning Extension HPKP for Apache, NGINX and Lighttpd - Raymii.org Everything you Need to Know about HTTP Public Key Pinning (HPKP) Regarding the modifications to the Virtual Hosts in Apache for the domain name, this document offers instructions on how to add custom entries: Modify Apache Virtual Hosts with Include Files - EasyApache 4 - cPanel Documentation Note that mod_headers is compiled with Apache by default: # httpd -M|grep header headers_module (shared)
Thank you.0
Please sign in to leave a comment.
Comments
3 comments