Uploaded image for project: 'Ansible Automation Platform RFEs'
  1. Ansible Automation Platform RFEs
  2. AAPRFE-225

Prolong HSTS to one or two years

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Won't Do
    • Icon: Normal Normal
    • 2.3
    • 2.1, 2.2, 2.3
    • platform-installer
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      1. What is the nature and description of the request?
        1. HSTS is set to 6 months only
      2. Why does the customer need this? (List the business requirements here)
        1. Security requirements and best practice suggest to extend it to 1 or 2 years (for example https://ssl-config.mozilla.org/#server=nginx&version=1.20.1&config=intermediate&openssl=1.1.1k&guideline=5.6)
      3. How would you like to achieve this? (List the functional requirements here)
        1. Change configuration in automation-controller.nginx.conf from add_header Strict-Transport-Security max-age=15768000; to add_header Strict-Transport-Security max-age=63072000;
      4. List any affected known dependencies: Doc, UI etc..
        1. N/A
      5. Github Link if any
        1. N/A

            simaishi@redhat.com Satoe Imaishi
            rhn-support-jskacel Jindrich Skacel
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: