security.txt Generator

Generate RFC 9116 compliant security.txt files with a simple form. Supports all fields including Contact, Expires, Encryption, Policy for vulnerability disclosure

Related Categories:SecurityWeb

Field InputRFC 9116

Contact (required)Required

URI starting with mailto: or https://. Use comma to add multiple

Expires (required)Required

ISO 8601 expiration date. Recommended within 1 year

Encryption

URL to PGP public key (https://)

Acknowledgments

URL to security researchers acknowledgment page

Preferred-Languages

Comma-separated language codes (e.g. en, ja)

Canonical

Canonical URL of this security.txt

Policy

URL to vulnerability disclosure policy

Hiring

URL to security-related job positions

Contact is required

Generated Output

Expires: 2027-03-30T10:28:17.626Z
Preferred-Languages: en

Placement

Place this file at /.well-known/security.txt. It is also recommended to place it at /security.txt.