Please consider testing for it in SSL test
At the moment we only check for the presence of the HPKP header.
EDIT (21 Sep 2015): Full support for HPKP validation is now running on the development server: https://dev.ssllabs.com
and more: Public-Key-Pins test - Projects by Davis Mosenkovs
Ivan has indicated that this will be added to the test after browsers start supporting it - Add support for Must-Staple and Public-Key-Pins HTTP headers to SSL Labs
Also Re: How to configure (and test) the Public Key Pinning in Apache Http?
As you can see on the above link, Chrome supports it.
I've added it to the next minor release, which should be online next Monday. SSL Labs has always detected HPKP, but it wasn't shown as there were very few sites using it and no browsers supporting it.
Thank you very much!
Do you publish release notes?
SSL Labs now detects a HPKP header, but apparantly it does not validate the fingerprint. An invalid key yields a green "Yes" just like a valid one. Is there any parsing of the header at all, or do you just check for its presence?
Retrieving data ...