From 9d5afe7f670c75742235c12e24bb87a3d6fb3279 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Tue, 25 Oct 2016 13:38:26 +0200
Subject: [PATCH] raise max-age for HTTP Public Key Pins from 3 days to 2 weeks

---
 modules/apache2/templates/ssl-key-pins.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/apache2/templates/ssl-key-pins.erb b/modules/apache2/templates/ssl-key-pins.erb
index ec5d1ec45..8f096b19c 100644
--- a/modules/apache2/templates/ssl-key-pins.erb
+++ b/modules/apache2/templates/ssl-key-pins.erb
@@ -23,7 +23,7 @@
     res << "<Macro http-pkp-#{site}>"
     if pin_info.size >= 2 then
       pin_info = pin_info.map{ |x| x.gsub('"', '\"') }
-      pin_info << "max-age=259200"
+      pin_info << "max-age=1209600"
       pin_str = pin_info.join("; ")
       res << "  Header always set Public-Key-Pins \"#{pin_str}\""
     else
-- 
2.20.1