Project

General

Profile

Actions

Bug #6650

closed

Option needed to disable HSTS

Added by Michael Newton over 5 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
Web Interface
Target version:
Start date:
07/27/2016
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.3.2
Affected Architecture:
All

Description

HSTS is based solely on hosts, and not port numbers. As a result, any HTTPS devices behind the pfSense are unreachable via NAT, because the browser refuses to connect. Trying to connect to https://pfsense:2345/ gives an error that can't be bypassed because I previously visited https://pfsense/.

There needs to be an option to disable HSTS on the system.

Actions

Also available in: Atom PDF