You can adjust the HTTP Strict Transport Security (HSTS) max-age parameter in Change Guardian to ensure HTTPS connections remain enforced for at least one year.
To Configure the HSTS Header Settings:
Login to the Change Guardian server’s SSH console.
Navigate to the Jetty configuration directory.
/etc/opt/novell/sentinel/3rdparty/jetty/
Create a backup of the jetty.xml file.
Open jetty.xml in a text editor.
Find each instance of the Strict-Transport-Security header configuration and update the max-age value from 5 to 31536000.
Example 3-1 The configuration
<Item>
<New id="header" class="org.eclipse.jetty.rewrite.handler.HeaderPatternRule">
<Set name="pattern">*.html</Set>
<Set name="name">Strict-Transport-Security</Set>
<Set name="value">max-age=31536000</Set>
</New>
</Item>
Save your changes.
Restart the Change Guardian services to apply the configuration.
/opt/netiq/cg/scripts/cg_services.sh restart.