By: ptx101

HTTP Public Key Pinning (HPKP) for a self-signed Certificate

May 20, 2016 457 views
Security Nginx Ubuntu 16.04

Hello,

Is it possible to add Public Key Pins for a self-signed certificate?

https://developer.mozilla.org/en/docs/Web/Security/PublicKeyPinning
HPKP has the potential to lock out users for a long time if used incorrectly! The use of backup certificates and/or pinning the CA certificate is recommended.

Which backup certificates could be pinned?

Would it open the door to a MITM attack?

More info: https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04

Best Regards,
