Em 01-10-2015 12:58, Carlin Bingham escreveu: > That redirect will only be used the first time a browser (that supports HSTS) > accesses the domain. Once they've been redirected to your https host the HSTS > flag will be set in their browser and from then on the browser will > immediately use https for your domain without going through the redirect.
The redirect is still necessary, given the fact that STS headers have a expiration time. So, configure and forget the redirect and always maintain your TLS setup working, and you should be fine. Cheers, Giancarlo Razzolini