How to enable HPKP and CAA DNS

Discussion in 'Apache' started by lepass, May 24, 2017.

  1. #1
    Hello

    I am trying to enable HPKP for my SSL certificates by adding code generated in ssh (with errors) to htaccess, and I can't calculate the right sha256 for the public key because I receive errors due to a wrong route path.
    I followed this tutorial, trying many options (.key, .pem, .crs, .crt) and adding code from ssh like
    openssl x509 -in www_mywebsite_fr.crt -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
    but I received the following errors:
    Error opening Certificate www_mywebsite_fr.crt
    139985532938144:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('www_mywebsite_fr.crt','r')
    139985532938144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
    
    unable to load Public Key
    140468587530144:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: PUBLIC KEY
    I checked in etc/ssl/certs to try adding the code from this path, and here I can only see "localhost.crt", while I am searching for one of my two websites' certificates, www_mysite_fr.crt

    Question 1
    Where is the route/path of the certificates installed from Plesk located in CentOS 7 and Apache 2.4.6?
    Is this error displayed due to an incorrect route when I add code by ssh to show the public key, or could it be due to another problem?

    Question 2
    How can I enable DNS CAA when I have the full website in https? Is there any work to do from the Plesk DNS, or any tip for adding it in htaccess?

    Best regards and thank you very much
     
    lepass, May 24, 2017
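
Added example, not part of the original post: a shell function that computes the pin-sha256 value and stops with a clear message when the file path is wrong, instead of passing an empty pipe to the next openssl stage as in the errors quoted above. It goes beyond the single command in the post by accepting a certificate, a CSR or an unencrypted private key, since all three carry the same public key. The function name hpkp_pin is hypothetical, and openssl is assumed to be on PATH.

```shell
#!/bin/sh
# Added example: compute an HPKP pin-sha256 from a certificate, CSR or key file.
# hpkp_pin is a hypothetical helper name; the file path is supplied by the caller.

hpkp_pin() {
    f=$1

    # A wrong path is the "fopen: No such file or directory" case: stop here
    # rather than let later pipeline stages fail with "unable to load Public Key".
    if [ ! -r "$f" ]; then
        echo "hpkp_pin: cannot read '$f' (check the path)" >&2
        return 2
    fi

    # Extract the public key (SubjectPublicKeyInfo, PEM) from whichever
    # file type was given: X.509 certificate, CSR, or private key.
    # Assumption: a private key, if used, is not passphrase-protected.
    spki=$(openssl x509 -in "$f" -pubkey -noout 2>/dev/null) ||
    spki=$(openssl req -in "$f" -pubkey -noout 2>/dev/null) ||
    spki=$(openssl pkey -in "$f" -pubout 2>/dev/null) || {
        echo "hpkp_pin: '$f' is not a certificate, CSR or private key" >&2
        return 3
    }

    # The pin is base64(SHA-256(DER-encoded SubjectPublicKeyInfo)).
    # "openssl pkey" is used instead of "openssl rsa" so EC keys work too.
    printf '%s\n' "$spki" |
        openssl pkey -pubin -outform der |
        openssl dgst -sha256 -binary |
        openssl enc -base64
}

# Usage: sh hpkp_pin.sh /path/to/file   (prints the pin for that file)
[ "$#" -eq 0 ] || hpkp_pin "$1"
```

Running it against the certificate and against the matching key should print the same value; a different value means the two files do not belong together.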