HTTP Strict Transport Security (HSTS) with App Control Server
search cancel

HTTP Strict Transport Security (HSTS) with App Control Server


Article ID: 287168


Updated On:


Carbon Black App Control (formerly Cb Protection)


Can HTTP Strict Transport Security be enabled on the App Control server?


  • App Control Server: All Supported Versions


HTTP Strict Transport Security can be configured on the App Control server, however it is not a requirement per OER

To enable HSTS for the App Control web site:

  1. Log in to the application server as the Carbon Black Service Account.
  2. Open IIS Manager.
    1. Expand: ServerName > Sites > choose Parity Console Web
    2. From the right-hand menu > Manage Website > Configure > HSTS...
    3. Verify Enabled is checked
  3. From an administrative command prompt issue the command:
  4. Restart the Carbon Black App Control Server and Carbon Black App Control Reporter services.
  5. Log in to the Console and verify Agents are beginning to reconnect.

Additional Information

HTTP Strict Transport Security is an IIS configuration and not related to do the App Control settings.