Is HTTP Strict Transport Security (HSTS) enabled on PAM?
search cancel

Is HTTP Strict Transport Security (HSTS) enabled on PAM?

book

Article ID: 103738

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)

Issue/Introduction



Is HTTP Strict Transport Security (HSTS) enabled on PAM?

Resolution

HTTP Strict Transport Security (HSTS) is enabled.

Additional Information

It is possible to also verify HSTS by using the Linux curl command as follows:

# curl -s -k -D- https://<pamserver> | grep -i Strict
Strict-Transport-Security: max-age=31536000; includeSubDomains 

If HSTS is enabled, there will be a Strict-Transport-Security header with the 'max-age' returned.

Following has some additional information:

https://www.namecheap.com/support/knowledgebase/article.aspx/9711/38/how-to-check-if-hsts-is-enabled/

Powered by Wolken Software