HSTS Support

0 users found this article helpful

Parallels RAS v.17 includes support for HTTP Strict Transport Secuirty (HSTS). The HSTS settings button allows you to enforce HSTS, which is a mechanism that makes a web browser communicate with the web server using only secure HTTPS connections. When HSTS is enforced for a RAS Secure Client Gateway, all web requests to it will be forced to use HTTPS. This specifically affects the RAS HTML5 Gateway, which can normally accept both HTTP and HTTPS requests.

In RAS v.17.1 the button has been moved to SSL/TLS tab:

When you click the HSTS settings button, the HSTS Settings dialogue opens where you can specify the following:

 

Note: To use HSTS preload, you must submit your domain name for inclusion in Chrome's HSTS preload list. Your domain will be hardcoded into all web browser that use the list.

Inclusion in the preload list cannot easily be undone.

You should only request inclusion if you are sure that you can support HTTPS for your entire site and all its subdomains in the long term (usually 12 years).

Your website must have a valid SSL certificate. See Assessing SSL Server Configuration.

All subdomains (if any) must be covered in your SSL Certificate. Consider ordering a Wildcard Certificate.

Was this article helpful?

Tell us how we can improve it.