The header set directive for the HSTS header is added at the bottom of the file:
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
You can modify this file using Advanced File Configurator. See Advanced File Configurator
in the NetIQ Access Manager Appliance 5.0 Administration Guide.