Cleanup HKPK docs

This commit is contained in:
Tankred Hase 2016-06-10 19:33:07 +02:00
parent 9d4ab633af
commit 7a8600ae9c

View File

@ -219,9 +219,6 @@ npm start
The `config/development.js` file can be used to configure a local development installation. For production use, the following environment variables need to be set: The `config/development.js` file can be used to configure a local development installation. For production use, the following environment variables need to be set:
* NODE_ENV=production * NODE_ENV=production
* UPGRADE_HTTPS=true (upgrade HTTP to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=base64_encoded_sha256 (use [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256
* MONGO_URI=127.0.0.1:27017/test_db * MONGO_URI=127.0.0.1:27017/test_db
* MONGO_USER=db_user * MONGO_USER=db_user
* MONGO_PASS=db_password * MONGO_PASS=db_password
@ -234,6 +231,9 @@ The `config/development.js` file can be used to configure a local development in
* SMTP_PASS=smtp_pass * SMTP_PASS=smtp_pass
* SENDER_NAME="OpenPGP Key Server" * SENDER_NAME="OpenPGP Key Server"
* SENDER_EMAIL=noreply@example.com * SENDER_EMAIL=noreply@example.com
* UPGRADE_HTTPS=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))