wow, thank you so much for the energy & effort to help! awesome !
Yes I'm using certbot, cool.
I have used certbot as you mentioned above to generate a new certificate based on my backup key.
It generated three files:
I have made all the changes, including the PINNING.
I think this 10th time getting my head into this HPKP, I think I could probably have gotten this in my mind straight now. Asking a friend to verify if he can access the website now, which we have set into an "experiment" to understand this HPKP thing.
A question for you @ahaw021:
- Since I have manually generated this certificate. Next time when it expired, should I manually generate a new one or ask certbot to renew it? If with certbot renew, what's the command to use?
@ahaw021, you Sir, deserve a BIG KUDOS for your awesome response and pointers which have helped me understand/consolidate certain things in my mind. CHEERS