From 5b1ece962a0c28fb280aac2952d44f719c097084 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Tue, 4 Oct 2016 08:35:52 +0200
Subject: [PATCH] raise max-age for HTTP Public Key Pins from 5 min to 1 hour

---
 modules/apache2/templates/ssl-key-pins.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/apache2/templates/ssl-key-pins.erb b/modules/apache2/templates/ssl-key-pins.erb
index 41cfceaf8..119f8a421 100644
--- a/modules/apache2/templates/ssl-key-pins.erb
+++ b/modules/apache2/templates/ssl-key-pins.erb
@@ -23,7 +23,7 @@
     res << "<Macro http-pkp-#{site}>"
     if pin_info.size >= 2 then
       pin_info = pin_info.map{ |x| x.gsub('"', '\"') }
-      pin_info << "max-age=300"
+      pin_info << "max-age=3600"
       pin_str = pin_info.join("; ")
       res << "  Header always set Public-Key-Pins \"#{pin_str}\""
     else
-- 
2.20.1