This article is no longer maintained, so its content might be out of date.
HTTP Public Key Pinning (HPKP) is a security feature that prevents attackers from using fraudulent or misused certificates to impersonate a site. It allows the owner of a site to specify who can issue valid certificates with that identity, rather than accepting any one of the hundreds of built-in root certificates that ship with your browser.
For more information, see HTTP Public Key Pinning at MDN Web Docs.
What happens if I see a key pinning error page?
If a site uses key pinning and its certificate chain does not match the pin, Firefox will reject the connection and show a Secure Connection Failed error page with the message:
The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden. Error code: MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE.
This is done for your protection, so you don't inadvertently visit a site that's not authentic.
What can I do if Firefox rejects the connection?
If you believe that Firefox rejected the connection in error, report it to us by checking the box next to "Report errors like this to help Mozilla identify and block malicious sites". It is up to the website owner to update their key pinning.