Select Page

As part of our normal review of such things I ran an SSL Labs test on our sites only to discover that we now had double header entries in our responses for Strict-Transport-Security.

Not a terrible thing but the SSL test does point it out and after some examination I realized that Domino now adds that header automatically once you only use HTTPS or if you redirect to HTTPS as explained by the very helpful Dave Kern right here:

Since we use a Netscaler in front of our Domino servers to add a variety of security measures and other network enhancements, I decided I did not want Domino also adding its own header so I set the nifty .ini setting of …


which did the trick!