-
Notifications
You must be signed in to change notification settings - Fork 361
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disable pinning for specific subdomains? #88
Comments
That will work, but clearly it is not ideal from a syntactic or logical perspective. Perhaps the two keys should be optional if 'enforce' is false? |
Yeah, right now there is no clean way to do what you're trying to do. I am thinking about adding the option to not pin a domain (nor specify pins) but still get the reports. |
I am not sure in such case I would be interested in the reports. Anyway, if that helps, I might be able to create a PR that will enforce those keys if pinning is disabled. |
What prevents you from listing the domains you want to pin (instead of the other way around)? |
We have one endpoint in our domain that is served by Cloudflare, and all other domains (>20) are served from our servers. So it is easier (especially looking forward) to disable pinning for that domain, and not enabling it for all of the other domains. |
Hey,
I want to enable pinning for all our domain, but disable it for a specific subdomain. So I tried it with something like that:
Is this the only way? I had to set
kTSKPublicKeyAlgorithms
and `kTSKPublicKeyHashes' although I want to disable pinning as they mandatory.Thanks,
Omer
The text was updated successfully, but these errors were encountered: