My Oracle Support Banner

Site Lacks Strict Transport Security (Insufficient Transport Layer Protection) (Doc ID 2539390.1)

Last updated on JULY 07, 2021

Applies to:

Oracle Financial Services Revenue Management and Billing - Version 2.6.0.1.0 and later
Information in this document applies to any platform.

Goal

On Oracle Financial Services Revenue Management and Billing (ORMB) v2.6.0.1.0 against FW v4.3.0.4, TR - Translation Finding: Site Lacks Strict Transport Security (Insufficient Transport Layer Protection).

The site does not implement an HTTP Strict Transport Security (HSTS) policy. [HSTS is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using by only secure connections (HTTPS). HSTS is an IETF standards track protocol and is specified in RFC 6797.]

This article confirms what to do to add the security.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.