Skip to content

Instantly share code, notes, and snippets.

@mcrmonkey
Created February 9, 2017 22:52
Show Gist options
  • Save mcrmonkey/08806ffeae5cce9f714deae5954383fd to your computer and use it in GitHub Desktop.
Save mcrmonkey/08806ffeae5cce9f714deae5954383fd to your computer and use it in GitHub Desktop.
openssl genrsa -out <KEY FILE> 4096
openssl req -new -key <KEY FILE> -sha256 -out <CSR File>
___________________________________
cat <CSR File> | openssl req -pubkey | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64
_________________________
openssl x509 -pubkey -in <CERT File> | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64
____________________________
add_header Public-Key-Pins-Report-Only 'pin-sha256="<Above Output>";includeSubdomains';
Header always set Public-Key-Pins "pin-sha256='<Above Output>'; includeSubdomains; max-age=2592000"
_______________________________
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment