[
https://issues.apache.org/jira/browse/TS-3216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14618029#comment-14618029
]
Masaori Koshiba commented on TS-3216:
-------------------------------------
Hi [[email protected]],
I attached a new patch. Add below configs in {{records.config}} and those
configs are overridable from {{ssl_multicert.config}}.
{noformat}
proxy.config.ssl.hpkp.enabled
proxy.config.ssl.hpkp.backup_csr.filename
proxy.config.ssl.hpkp.report_only
proxy.config.ssl.hpkp.report_uri
proxy.config.ssl.hpkp.max_age
proxy.config.ssl.hpkp.include_subdomains
{noformat}
This patch also have {{Public-Key-Pins-Report-Only}} and {{report-uri}} support.
> Add HPKP (Public Key Pinning Extension for HTTP) support
> --------------------------------------------------------
>
> Key: TS-3216
> URL: https://issues.apache.org/jira/browse/TS-3216
> Project: Traffic Server
> Issue Type: New Feature
> Components: SSL
> Reporter: Masaori Koshiba
> Labels: review
> Fix For: 6.1.0
>
> Attachments: hpkp-001.patch, hpkp-002.patch, hpkp-003.patch
>
>
> Add "Public Key Pinning Extension for HTTP" Support in Traffic Server.
> RFC 7469 Public Key Pinning Extension for HTTP
> - https://tools.ietf.org/html/rfc7469
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
