Forum Discussion

Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
May 17, 2016

How to disable HSTS on the management interface ?

Hi,   I regularly have to clean my browser cache to be able to connect to the BIG-IP management webui due to the HSTS feature.   I saw that this header is served in response from BIG-IP mgmt we...
BIG-IP
LTM
mgmt
security
Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus

Hi, Of course the server certificate is invalid.

 

You can find the same issue in english, if you have a look at the last sentence, chrome clearly block the connection due to hsts use. :)

 

Clearly, I'm just refused connection to ssl servers that use hsts when using fiddler for example. I think that I visited the first time my website, I got a response with an hsts header included. When I try again through a proxy or wifi captive portal, the response doesn't contain the hsts header. In this case, chrome block access to the website.

 

 

I got the same when browsing with my Android smartphone.

 

Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Jun 21, 2016
Hi, I have the same issue when renewing a device certificate for example. But that's ok, I clear the HSTS cache and everything goes fine