Dear Andreas, Thx for your help, but I still do have the same problem.
Public Key Pinning (HPKP) No I don't know what to do anymore ... Thierry Le samedi 20 février 2016 à 13:10:16, vous écriviez : > Thierry: >> Nginx: front end - reverse proxy >> Apache2: Back end - web server > hpkp is an header served to the client as response to an https request > I would add the Public-Key-Pins on the instance terminating the HTTPS request. > without rproxy I have this in /etc/nginx/sites-enabled/example.org > server { > listen *:443 ssl http2; > server_name example.org; > ssl_certificate > /etc/ssl/example.org/cert+intermediate.pem; > ssl_certificate_key /etc/ssl/example.org/key.pem; > ssl_stapling_file /etc/ssl/example.org/ocsp.response; > add_header Public-Key-Pins "max-age=42424242; > pin-sha256=\"..pin1...\"; pin-sha256=\"..pin2...\";"; > ... > } > Andreas > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -- Cordialement, Thierry e-mail : lenai...@maelenn.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx