Manage the HTTP server

To use HTTP, specify the HTTP settings for both the SecureTransport Edge and SecureTransport Server.

  1. Select one or both of Enable HTTP and Enable HTTPS. If you select Enable HTTPS, by default Enable HSTS will also be selected. You can also deselect Enable HSTS once Enable HTTPS is selected. When HSTS is enabled, a HSTS response will always be sent, redirecting the plain HTTP connection to HTTPS. Enabling HSTS requires a HTTP server restart.
  2. The Server Configuration options for HSTS are:
    • For administrator's:
      • Admin.Security.Hsts.enabled - Enable or disable HSTS for administrator server. Possible values are: true or false. The default value is true.
      • Admin.Security.Hsts.max-age - HSTS header maximum age attribute value for the administrator server measured in seconds. The default value is 6-months which is equivalent to 15768000 seconds.
    • For end-user's:
      • Http.Security.Hsts.enabled - Enable or disable HSTS for the HTTP server. Possible values are: true or false. It is only editable from the Server Configuration page. The default value is true.
      • Http.Security.Hsts.max-age - HSTS header maximum age attribute value for the HTTP server measured in seconds. The default value is 6-months which is equivalent to 15768000 seconds.
  3. For additional information on editable server configuration parameters, refer to Editable server configuration parameters.
  4. The default HTTP port number is 80 for root installations and 8080 for non-root installations. The default HTTPS port number is 443 for root installations and 8443 for non-root installations. If a default port is in use, SecureTransport displays a message and you must change the Port to use a port number other than the default setting.
  5. If you enabled HTTPS, select an SSL Key Alias from the drop-down list, for example, httpd. If you enabled HTTPS, HSTS will also be enabled unless you deselect it. For information about storing the HTTPS certificate in a hardware security module, see Store certificates in a hardware security module.
  6. If you enabled HTTPS, to restrict HTTPS connections to FIPS 140-2 Level 1 certified cryptographic libraries, select the Enable FIPS Transfer Mode check box. For more information, see FIPS transfer mode.
  7. Click Start.
Note To enable HTTP without SSL (HTTP and not HTTPS), you must create an SSL encryption entry for a user class with SSL encryption optional. See Manage SSL access.

Related topics:

Related Links