Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Does Cisco ACE support HSTS?

Hi All!

Does anybody know whether HTTP Strict Transport Security is supported on ACE? If so, which software version supports it?

 

Regards,

Miro
 

Everyone's tags (1)
3 REPLIES
Cisco Employee

Hi Miro,I cannot find

Hi Miro,

I cannot find anything which mentions specifically about this in latest releases as well. But i don't think there should be a problem since it is servers which tells the client to communicate over HTTPS for whatever time. If client comes on HTTPS and there is a proper configuration in place on ACE, then it will match the condition and ACE will just treat it as normal SSL traffic.

If you are looking for ACE to insert the "strict transport security" header, i again don't see a problem with that. Is there any other expectation here from ACE are you looking for?

Regards,

Kanwal

Community Member

One of our customers has been

One of our customers has been advised to have it enabled on ACE, hence my research.

I was initially looking for a command to enable HSTS, however, as found here:

https://www.owasp.org/index.php/HTTP_Strict_Transport_Security

(and customer's sites are within the same domain), it's recommended to use HTTP code 301 redirection (as it is now).

Out of curiosity, how would you insert it on ACE?
 

Cisco Employee

Hi Miro,You can use "insert

Hi Miro,

You can use "insert http" command under policy map once you have defined the serverfarm.

Regards,

Kanwal

 

 

699
Views
0
Helpful
3
Replies
CreatePlease to create content