Hot!HSTS Problem

New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Status: offline
2018/08/19 03:06:54 (permalink) 6.0

HSTS Problem

I have a problem with my Web filter is not passing HSTS traffic on firefox.
How can i do this?
Best Regards

2 Replies Related Threads

    Expert Member
    • Total Posts : 5108
    • Scores: 318
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: HSTS Problem 2018/08/19 09:12:38 (permalink)
    You need to explain more? is this  HTTPS problem?  ( no such thing as HSTS traffic btw )
    next are you doing SSL inspection? Did you  try eliminating this site from SSL inspection, if yes did it work? Did you  flush the FF browser   HSTS cache?

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    Nicholas Doropoulos
    Silver Member
    • Total Posts : 72
    • Scores: 2
    • Reward points: 0
    • Joined: 2018/05/03 13:49:11
    • Status: offline
    Re: HSTS Problem 2018/08/19 09:18:15 (permalink)
    Assuming you are already using deep inspection on Fortigate, you would first need to remove the stored HSTS flag on Firefox. Follow the instructions below and advise results:
    Open your current Firefox settings (AKA Firefox profile) folder using either
    • "3-bar" menu button > "?" button > Troubleshooting Information
    • (menu bar) Help > Troubleshooting Information
    • type or paste about:support in the address bar and press Enter
    In the first table on the page, click the "Open Directory" (or similar) button. This should launch a new window listing various files and folders in your file browser.
    Leaving that window open, switch back to Firefox and Exit/Quit, either:
    • "3-bar" menu button > "power" button
    • (menu bar) File > Exit / Quit
    Pause while Firefox finishes its cleanup, then open SiteSecurityServiceState.txt in your preferred text editor and delete all lines for the hostname you need to access and save the file.
    When you start Firefox again, on your first visit, Firefox normally ignores the HSTS status because it hasn't gotten past the handshake.

    NSE5, NSE 4, CCSA, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
    Jump to:
    © 2019 APG vNext Commercial Version 5.5