[–] technion 10y ago ↗ There's a minor typo in the "copy and paste" segment, wherein the second hash is not surrounded by quotes. Regardless, this is great advice.I trust Lets Encrypt. I don't trust many of the dozens of terrible CAs out there. Key pinning is one great step at mitigating that risk. [–] hobarrera 10y ago ↗ Thanks for the feedback, and I'm glad it's of use.I'll get that typo fixed, though FWIW, it works without the quotes, since it's what validated on my servers. :) [–] technion 10y ago ↗ Thanks for the update!For the reference, I noted on my system, without the quotes, the SSLLabs test gave me a big error claiming the keys were invalid.
[–] hobarrera 10y ago ↗ Thanks for the feedback, and I'm glad it's of use.I'll get that typo fixed, though FWIW, it works without the quotes, since it's what validated on my servers. :) [–] technion 10y ago ↗ Thanks for the update!For the reference, I noted on my system, without the quotes, the SSLLabs test gave me a big error claiming the keys were invalid.
[–] technion 10y ago ↗ Thanks for the update!For the reference, I noted on my system, without the quotes, the SSLLabs test gave me a big error claiming the keys were invalid.
4 comments
[ 2.8 ms ] story [ 20.2 ms ] threadI trust Lets Encrypt. I don't trust many of the dozens of terrible CAs out there. Key pinning is one great step at mitigating that risk.
I'll get that typo fixed, though FWIW, it works without the quotes, since it's what validated on my servers. :)
For the reference, I noted on my system, without the quotes, the SSLLabs test gave me a big error claiming the keys were invalid.