about expired key

[oottoohh]

Hi @frw, if i have 2 key. old key is gonna be expired but still valid and new key with extended expired time. if i put this two of key which one key can be set ? is it just set to the trustkit which one the valid key ?

[frw]

You can add both keys into the pinning configuration. This library will allow the connection to go through if any of the keys in the pinning configuration matches the certs returned by the server.

This is also why in the README we encourage folks to set up a backup key and add it to the pinning configuration to prevent users from getting locked out from making network requests to your server.