Add HTTPS public key pinning

Tankred Hase
2016-06-10 17:48:41 +02:00
parent 68fba28dd9
commit 4b183c8976
4 changed files with 21 additions and 12 deletions

@@ -219,6 +219,8 @@ npm start
The `config/development.js` file can be used to configure a local development installation. For production use, the following environment variables need to be set:
* NODE_ENV=production
* UPGRADE_HTTPS=true (upgrade HTTP to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=<base64 encoded sha256> (use [HPKP](https://developer.mozilla.org/de/docs/Web/Security/Public_Key_Pinning))
* MONGO_URI=127.0.0.1:27017/test_db
* MONGO_USER=db_user
* MONGO_PASS=db_password
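
Review bot: the added `PUBLIC_KEY_PIN=<base64 encoded sha256>` line documents a single pin and does not say what is hashed. An HPKP pin (RFC 7469) is the SHA-256 hash of the certificate's SubjectPublicKeyInfo, not of the whole certificate, and a policy needs at least one backup pin for a key that is not in the served chain, otherwise browsers ignore the header. As documented there is room for only one value, so please state the hash input, describe how a backup pin is supplied (for example a second variable or a list), and mention the max-age that applies, since a lost key locks returning visitors out until it expires. Minor: the HPKP link points at the `de` MDN locale while the HSTS link on the line above uses `en-US`.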