HTTP Strict Transport Security (HSTS) in Oracle WebLogic Server

(Doc ID 2146367.1)

Last updated on APRIL 20, 2018

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.


HTTP Strict Transport Security (HSTS) is a web security policy mechanism where a web server declares that complying user agents (such as a browser) to use secure connections only (such as SSL). This is communicated by the server to the user agent via an HTTP response header field named "Strict-Transport-Security". A question is this: Is it supported and if so how to enable HTTP Strict Transport Security (HSTS) in Oracle WebLogic Server.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms