
Death by HSTS preload copy/paste - carey
https://scotthelme.co.uk/death-by-copy-paste/
======
chaz6
I actually fell into this trap! One day I was struggling to figure out why I
could no longer access one of my web servers. I thought that it was due to one
of my plugins. After much hair pulling I found out that it was because someone
(or perhaps an automated bot) had added my domain to the hsts preload list. As
a short term fix I added the certificate of my web server to my trusted root
ca dtore, and now that LetsEncrypt supports IPv6 I now have a real certificate
(albeit one that does not work in BB10 since the native browser does not trust
user-installed root certificates).

