is it possible to support HPKP on the proxy in case of SSL Intercept? (Maybe using PDs?)
No Solution :-(?
I'm tinkering with this right now. If I manage to come up with a solution, I will post it here.
if you hava a solution it would be glad toshow it here.
I don't find a way to get the CA Hash from the connection which is required to verify it against the HPKP Header....
I was pinning my hopes on SSL.Server.Certificate.SHA2-256Digest. But, I still have to figure out how to work with the header ().
with SSL.Server.Certificate.SHA2-256Digest you will get the SHA256 digest from the whole certificate. For check the pinning you will need to have the SHA2-Digest from the servers public key....
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC