Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 4.0
NetIQ Access Manager 4.1
Situation
The customer has been using NAM for quite some time and is trying to get an A+ SSL
Labs rating on their environment. Apparently all they are missing at this moment
is support for HTTP Strict Transport Security (HSTS). How does one go about enabling support for this in NAM?
Resolution
We can do this with the Access Gateway in 4.0 based on https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. The following steps must be completed:
a) modify httpd.conf and comment out the mod_headers library
b) add the following to the httpd.conf file
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
After doing this, SSLLabs reported an A+ rating against our NAM devices.
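To confirm that the gateway is actually serving the policy configured above, the following check parses a block of response headers and validates the Strict-Transport-Security value. It is an added example, not part of the original article or of NetIQ's tooling; the function name check_hsts and the sample responses are constructed for illustration, and on a live system the input would come from `curl -sI` against the gateway's HTTPS URL.

```shell
#!/bin/sh
# Added example: validate the Strict-Transport-Security header in a raw
# HTTP response header block read from stdin.
# Usage: check_hsts [MIN_MAX_AGE]  -> prints a verdict; returns 0 on pass, 1 on fail.
check_hsts() {
    min_age="${1:-31536000}"   # default: the max-age value configured on this page
    # Header names are case-insensitive; strip CR from CRLF line endings.
    value=$(tr -d '\r' | grep -i '^strict-transport-security:' | head -n 1 | cut -d: -f2-)
    if [ -z "$value" ]; then
        echo "FAIL: no Strict-Transport-Security header"
        return 1
    fi
    # Directives are ';'-separated and case-insensitive; max-age may be quoted.
    directives=$(printf '%s' "$value" | tr 'A-Z' 'a-z' | tr -d ' \t"' | tr ';' '\n')
    max_age=$(printf '%s\n' "$directives" | sed -n 's/^max-age=\([0-9][0-9]*\)$/\1/p' | head -n 1)
    if [ -z "$max_age" ]; then
        echo "FAIL: max-age missing or not numeric"
        return 1
    fi
    if [ "$max_age" -lt "$min_age" ]; then
        echo "FAIL: max-age=$max_age is below $min_age"
        return 1
    fi
    if ! printf '%s\n' "$directives" | grep -qx 'includesubdomains'; then
        echo "FAIL: includeSubDomains not set"
        return 1
    fi
    echo "PASS: max-age=$max_age; includeSubDomains"
    return 0
}

# Constructed sample responses (not captured from a real NAM device).
GOOD='HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html'
SHORT='HTTP/1.1 200 OK
strict-transport-security: max-age=300'
NONE='HTTP/1.1 200 OK
Content-Type: text/html'

printf '%s\n' "$GOOD"  | check_hsts || true
printf '%s\n' "$SHORT" | check_hsts || true
printf '%s\n' "$NONE"  | check_hsts || true
```

Run the check against both the Access Gateway and any other NAM HTTPS listeners, since the header must be present on every host covered by the scan.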