Increase the HPKP seconds to 604800 (7 days)

python · Jan 14, 2015 · eaec1b8 · eaec1b8
1 parent 107aeac
commit eaec1b8
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/salt/haproxy/config/haproxy.cfg.jinja b/salt/haproxy/config/haproxy.cfg.jinja
@@ -205,7 +205,7 @@ backend {{ service }}
 
     {% if config.get("hpkp", True) and pillar["tls"].get("pins") -%}
     # Add HPKP headers for anything that is configured to have them.
-    http-response set-header Public-Key-Pins max-age={{ config.get("hpkp_seconds", 86400) }};\ {% if config.get("hpkp_subdomains", True) %}includeSubDomains;\ {% endif %}{% for pin in pillar["tls"]["pins"] %}pin-sha256="{{ pin }}";\ {% endfor %}
+    http-response set-header Public-Key-Pins max-age={{ config.get("hpkp_seconds", 604800) }};\ {% if config.get("hpkp_subdomains", True) %}includeSubDomains;\ {% endif %}{% for pin in pillar["tls"]["pins"] %}pin-sha256="{{ pin }}";\ {% endfor %}
     {%- endif %}
 
     {% for item in config.get("extra", []) -%}

diff --git a/salt/haproxy/config/nginx-redirect.conf.jinja b/salt/haproxy/config/nginx-redirect.conf.jinja
@@ -8,7 +8,7 @@ server {
 
     {% if config.get("hpkp", True) and pillar["tls"].get("pins") -%}
     # Add HPKP headers for anything that is configured to have them.
-    add_header Public-Key-Pins 'max-age={{ config.get("hpkp_seconds", 86400) }}; {% if config.get("hpkp_subdomains", True) %}includeSubDomains; {% endif %}{% for pin in pillar["tls"]["pins"] %}pin-sha256="{{ pin }}"; {% endfor %}';
+    add_header Public-Key-Pins 'max-age={{ config.get("hpkp_seconds", 604800) }}; {% if config.get("hpkp_subdomains", True) %}includeSubDomains; {% endif %}{% for pin in pillar["tls"]["pins"] %}pin-sha256="{{ pin }}"; {% endfor %}';
     {%- endif %}
 
     return 301 http{% if config.get("tls", True) %}s{% endif %}://{{ config.target }}$request_uri;