My Oracle Support Banner

Can the flag "add-secure-to-ssl-cookie" be enabled in Convergence? (Doc ID 2710589.1)

Last updated on JUNE 22, 2023

Applies to:

Oracle Communications Convergence - Version 3.0.2 and later
Information in this document applies to any platform.


One of our internal teams asked us to set the secure attribute on cookies within Convergence.

They state:

"The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel HTTPS so the session tokens used should never be transmitted over unencrypted communications."

How can the flag "add-secure-to-ssl-cookie" be enabled?

Our goal is to implement a scenario where for each cookie sent over SSL on the web-site, the "Secure" flag is added to the cookie. For example:

In our configuration, base.enablealwaysssl is enabled and base.hstsmaxage is set to 300.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.