How to Enable HTTP Strict Transport Security (HSTS) within a Secure Global Desktop Deployment (Doc ID 2098067.1)

Last updated on MAY 05, 2017

Applies to:

Oracle Secure Global Desktop - Version 5.2 and later
Oracle iPlanet Web Server - Version 7.0 to 7.0 [Release 7.0]
Information in this document applies to any platform.

Goal

HTTP Strict Transport Security (HSTS) is a web security policy designed to help secure HTTPS web servers against downgrade attacks.  SGD Administrators may be asked to enable this additional level of server hardening in production Secure Global Desktop deployments to meet site auditing requirements.

This document provides a quick overview of HSTS, and will provide instructions for enabling the technology within SGD.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms