diff --git a/src/freedombone-pin-cert b/src/freedombone-pin-cert
index 4ade7c9a8294ffb8f90e8375567f4ee05866635c..877069cb36f558b928be6f93ed577d2b615d89e3 100755
--- a/src/freedombone-pin-cert
+++ b/src/freedombone-pin-cert
@@ -50,11 +50,17 @@ KEY_HASH=$(openssl rsa -in $KEY_FILENAME -outform der -pubout | openssl dgst -sh
 
 PIN_HEADER="add_header Public-Key-Pins 'pin-sha256=\"${KEY_HASH}\"; max-age=5184000; includeSubDomains';"
 if ! grep -q "add_header Public-Key-Pins" $SITE_FILENAME; then
-    sed -i "/add_header Access-Control-Allow-Origin.*/a $PIN_HEADER" $SITE_FILENAME
+    sed -i "/ssl_ciphers.*/a $PIN_HEADER" $SITE_FILENAME
 else
     sed -i "s/add_header Public-Key-Pins.*/$PIN_HEADER/g" $SITE_FILENAME
 fi
 
 systemctl restart nginx
 
+if ! grep -q "add_header Public-Key-Pins" $SITE_FILENAME; then
+    echo $'Pinning failed'
+fi
+
+echo "Pinned $DOMAIN_NAME with hash $KEY_HASH"
+
 exit 0