EddieJK_26590
Nov 14, 2016Nimbostratus
HSTS help with Server Name Identification
Hi,
I created an iRule to add HSTS on my VS as shown below. This is working. when HTTP_RESPONSE { HTTP::header insert Strict-Transport-Security "max-age=31536000; includeSubDomains" }
Now, for my VS, I added SNI (I have the three SSL client profiles and enabled it) so my VS can respond to non-www, and www on the one IP address. SSL key is a SSL SAN key and contains the non-www and www names.
When I go to SSL Labs, the non-www gets an A+. It shows HSTS is enabled. However, in the www site, SSL Labs gives it an A. It says HSTS is not enabled.
What am I missing here?
Thanks