hsts should be enabled on a per-site basis

hsts does mix very badly with selfsigned certs. thus we disable it by default. set configuration['hsts'] = true for vhost with valid certs.
author: o <o@immerda.ch> 2015-03-10 22:14:51 +0100
committer: o <o@immerda.ch> 2015-03-10 22:14:51 +0100
commit: 8074127b8d8913314c90c3fe6131d078a858f7b6 (patch)
tree: 17c7308122aa49f0e41074be98cc003d105f742b
parent: fa295b03762a0ae3220b8dcade7155674bb71ac0 (diff)
1 files changed, 0 insertions, 3 deletions
diff --git a/templates/include.d/ssl_defaults.inc.erb b/templates/include.d/ssl_defaults.inc.erb
index 236eb78..77f8e77 100644
--- a/templates/include.d/ssl_defaults.inc.erb
+++ b/templates/include.d/ssl_defaults.inc.erb
@@ -76,6 +76,3 @@ SSLHonorCipherOrder on
 SetEnvIf User-Agent ".*MSIE.*" \
          nokeepalive ssl-unclean-shutdown \
          downgrade-1.0 force-response-1.0
-
-# set STS Header
-Header add Strict-Transport-Security "max-age=15768000"
author	o <o@immerda.ch>	2015-03-10 22:14:51 +0100
committer	o <o@immerda.ch>	2015-03-10 22:14:51 +0100
commit	8074127b8d8913314c90c3fe6131d078a858f7b6 (patch)
tree	17c7308122aa49f0e41074be98cc003d105f742b
parent	fa295b03762a0ae3220b8dcade7155674bb71ac0 (diff)