Hi, I just testing oc 8.1.x from today. my setup is: "debian8-haproxy"->"debian8->http single node" Unfortunately i cannot get rid of the message in the admin part:
"The "Strict-Transport-Security" HTTP header is not configured to least "2,678,400" seconds. This is a potential security risk and we recommend adjusting this setting." But even https://www.ssllabs.com/ssltest shows Strict Transport Security (HSTS) Yes max-age=31536000; includeSubDomains My Haproxy setup is following: reqadd X-Forwarded-Proto:\ https # Distinguish between secure and insecure requests acl secure dst_port eq 443 # Mark all cookies as secure if sent over SSL rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure # Add the HSTS header with a 1 year max-age rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubDomains if secure default_backend www-backend How is this test is done? Is this test failing with ssl truncation with haproxy? thanks, Arman. *********************************************************** Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany *********************************************************** _______________________________________________ Devel mailing list [email protected] http://mailman.owncloud.org/mailman/listinfo/devel
