The following document describes how to enable HSTS configuration for CA Service Catalog.

Release : 17.4

Component : CA Service Catalog

1. Ensure that SSL is enabled for CA Service Catalog (link)

2. Edit the %USM_HOME%\view\webapps\usm\WEB-INF\web.xml file. 

3. Locate the line that reads as   <!-- HSTS filter will be enable only if SSL is enabled (around line 196).  There will be a "<!--" comment line just above the <filter> tag, about three lines down.  Remove this comment line and the corresponding "-->" comment line, about 20 lines further down (past the corresponding </filter> tag.

4.  Locate the line that reads as <!-- HSTS related Filter mapping  (around line 369).  There will be a "<!--" comment line just above the <filter-mapping> tag, about three lines down.  Remove this comment line and the corresponding "-->" comment line, about 6 lines further down.  This will enable five "filter-mapping" tags related to HSTS.

5. Save and close the web.xml file. 

6. Restart the CA Service Catalog Services.

Please test the above in a non-prod environment before running the change in prod.

The above file should also be included as part of any maintenance checklists during a product upgrade or migration activity.