Symptoms

How to configure pa-agent to use HSTS?

CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Base Score
5.8 (CVSS2#AV:N/AC:M/Au:N/C/I/A:N)

Resolution

The HSTS is required to tell browsers that the server should only be accessed using HTTPS instead of HTTP.

pa-agent is a web server that accepts and processes HCL requests over HTTPS.

It is not intended to communicate with pa-agent using a browser.

For the reason above there is no need to add HSTS.

Did you find it helpful? Yes No