Forum Discussion

Cirrostratus

Jan 04, 2016

HSTS and APM (ssllabs)

hi trying to achieve a grade a+ with ssllabs for my VS that have an Access Policy bound. I'm running v12 and use the HSTS setting in the HTTP profile. Testing my website with SSLLabs, ...

BIG-IP Access Policy Manager (APM)

hsts

security

amolari

Cirrostratus

Feb 01, 2016

After upgrading to 12.0 HF-1 and using the above iRule, we had no issue with /my.policy (with and without On-demand cert auth).

Got from F5 support the existing BUGID 565554, which is about

not needing the workaround irule anymore (ID is mentioned in the irule above)

++ additionally:

missing HSTS header randomly seen (when serving APM objects)

Alex

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

HSTS and APM (ssllabs)

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

HSTS is not working.

SSL Ciphers (SSLLabs) Warning

to HSTS or not to HSTS

TMOS HSTS

Enforcing HSTS (HTTP Strict Transport Security) in LineRate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS