Hi, I’m experimenting with Public Key Pinning (HPKP).
So when I renewed the certificate, HPKP was affected. At this point I’m not sure how to PIN in a way that will never mess up the HPKP whenever there’s a certificate renewal.
Assuming that the website is now not accessible anymore because of the keys in the HPKP having changed during the renewal - in other words a bricked website now.
So I have two questions:
How can I bypass the mess HPKP did, that is, not giving access to the website.
Will a certificate revocation nullify that?
Anyone has a clear guide of how to achieve correct way of doing pinning (HPKP) which will not get messed up whenever there’s a certificate renewal?