How to enable HSTS on JS Report Server 7

book

Article ID: 224271

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

We need information related to enabling the remote HTTPS report server sends the HTTP "Strict-Transport-Security" header.

 

Environment

Release : 15.9

Component :Jaspersoft 

Resolution

You'll need to configure the Strict-Transport-Security header at Tomcat level as described in this article:


https://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/index.html#page/ThingWorx/Help/Composer/Security/enabling_hsts_in_apache_tomcat.html

 

Additional Information

As noted in the article, the Strict-Transport-Security header is returned only if the user accesses a website via HTTPS, therefore, Tomcat must be configured with SSL/TLS