Dear sir,

After I have executed the curl command, it seems that I have an answer
from my Apache2 back end server (apache2.conf)
Yes I do see the "Public-Key-Pins:" line... And yes I do have the
content that I expect.

Public-Key-Pins: pin-sha256="DZNsRcNIolhfdouihfazormhrfozef=";pin-sha256="633ltusrlsqhoagfdgfo79xMD9r9Q="; max-age=2592000; includeSubDomains

But, is it really the output of Apache2 ? There is a syntax difference
between Nginx and Apache2:

Nginx: pin-sha256="DZNsRcNIoiVdK8Img794j8/XGf4+6sDLFjADPWWOddw=";
Apache2: pin-sha256=\"DZNsRcNIoirupeqrhfjpzehfrhfaefhpazf=\";

When the curl command return me the result, I can see that there is
no "\" ... Is it normal ?

If yes, why is "ssllabs.com/ssltest" doesn't see anything concerning
the HPKP ?

Thx

Le dimanche 21 février 2016 à 10:37:33, vous écriviez :

> On Sun, Feb 21, 2016 at 10:22:31AM +0200, Thierry wrote:

> Hi there,

>> Thx for your help, but I still do have the same problem.
>>
>> Public Key Pinning (HPKP) No
>>
>> I don't know what to do anymore ...

> curl -I https://your-server/your-test-url

> Every line in that response comes from your nginx config (possibly
> including defaults) or your back-end config (passed through).

> Do you see a "Public-Key-Pins:" line?

> If so, does it have the content that you expect?

> If not, what part of your nginx config processed the request; and does
> that part have the add_header directive that you want?

> If this is a public web server without any special authentications,
> then the curl response contains no secrets.

> f



--
Cordialement,
Thierry e-mail : lenaigst@maelenn.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx