I appreciated the assistance with the cipher list issue last week. Our client has an additional question regarding our 4D Stand Alone - Web Server enabled application. Below is the question they asked us today. Is this something anyone has run across or for which there is a known solution?
********* Note from Client Start ********* The last thing I’m troubleshooting is a HTTP Strict Transport Security (HSTS) error that’s popping up in my SSL test. I’ve quickly done some research and the typical way to add this is inside a file like “httpd.conf” and adding the “Strict-Transport-Security: max-age=31536000” text in there followed by a restart. Is this something you guys have dealt with before. Seems pretty simple, but I just need to figure out where to add this configuration setting so I can resolve the error. Here’s a quick link to what HSTS is in case you aren’t familiar. https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet ********* Note from Client End ********* Thanks in advance for any assistance, Mike McCall ********************************************************************** 4D Internet Users Group (4D iNUG) FAQ: http://lists.4d.com/faqnug.html Archive: http://lists.4d.com/archives.html Options: http://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
