Confirmed users
238
edits
SecurityEngineering/Public Key Pinning/SiteOperators: Difference between revisions
Jump to navigation
Jump to search
SecurityEngineering/Public Key Pinning/SiteOperators (view source)
Revision as of 16:41, 27 May 2014
, 27 May 2014→How can you test your pins?
| Line 9: | Line 9: | ||
== How can you test your pins? == | == How can you test your pins? == | ||
# Go to about:config and make sure that security.cert_pinning.enforcement_level = 1 (allow user-specified trust anchors to override pinning checks) or 2 (strict mode) | # Go to about:config and make sure that security.cert_pinning.enforcement_level = 1 (allow user-specified trust anchors to override pinning checks) or 2 (strict mode). There is an additional enforcement level, 3, for enforcing test pins if you'd like to enable that instead. | ||
# Visit https://pinningtest.appspot.com to make sure you see a warning. | # Visit https://pinningtest.appspot.com to make sure you see a warning. | ||
# Visit all your sites! | # Visit all your sites! | ||