VA || HSTS Missing From HTTPS Server (RFC 6797)
If Client Has raised a VA for HSTS on any of the website of PAM we can follow below solution to mitigate the VA:
Method 1: Using IIS Manager GUI
Open IIS Manager:
Select Your Website:
In IIS Manager, expand the server node and select your website.
HTTP Response Headers:
Double-click on the HTTP Response Headers icon in the website Home pane.
Add a Custom Header:
In the Actions pane (on the right), click on Add....
Enter Strict-Transport-Security as the name.
Enter max-age=31536000 (or your preferred value in seconds) as the value. This specifies how long HSTS is enforced (e.g., one year).
Apply Changes:
Click OK to save the header.
Restart the Website:
Restart your website to apply the changes.
Method 2: Using Web.config file
Search for system.webServer and add below configuration under customHeaders
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Strict-Transport-Security" value="max-age=31536000" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
Related Articles
ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY while accessing using https
Problem Getting Below error while accessing PAM Websites using https but working with http binding. Solution Open Registry Edit. Go to the Location :- "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters" Right Click on Parameters. ...The underlying connection was closed: An unexpected error occured on a send || Error while accessing/logging in server manager.
ISSUE: You are receiving the below error while accessing or logging in to ARCON server manager: The underlying connection was closed: An unexpected error occured on a send REASON: This error is encountered when the client has performed TLS 1.2 ...A network-related or instance specific error while accessing Server Manager or any service through ACMO.
Issue If you are getting the error while accessing server manager or accessing any service through ACMO. Resolution Just enable the Web Service DT for Database (Server Manager) from the Admin Settings page to resolve the error for Server Manager To ...VA || How to resolve CVE-2016-2183 - Birthday attacks against Transport Layer Security
Introduction To resolve CVE-2016-2183 - Birthday attacks against Transport Layer Security we need to do some changes in RegEdit. Solution 1. Open RegEdit. 2. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers ...Alert feature not working using Graph API process (A connection with the server could not be established)
If you are facing an issue with alert mechanism where email notifications are not working and "O365 server not connecting . A connection with the server could not be established" error in the event viewer of Alert service. Below is the error snapshot ...