Advertisements
To enable HSTS in Jboss from jboss-cli.sh command line execute the following:
/subsystem=undertow/configuration=filter/response-header=hsts-header:add(header-name="Strict-Transport-Security",header-value="max-age=31536000;")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=hsts-header:add
The following curl command can be used to verify the response header is returned correctly:
❯ curl --insecure -i https://localhost:8443/myapp
HTTP/2 302
strict-transport-security: max-age=31536000;
location: https://localhost:8443/myapp/
content-length: 0
date: Tue, 22 Feb 2022 08:25:27 GMT