web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / The remote HTTPS serve...
Microsoft Dynamics CRM (Archived)

The remote HTTPS server does not send the HTTP Strict Transport Security Header - Dynamics CRM

(0) ShareShare
ReportReport
Posted on by SrinivasKamutam 30

Hi All,

Can anyone please help me with the below query? Any help is much appreciated.

As a part of our security scan we encountered an issue saying "The remote HTTPS server is not enforcing HTTP strict Transport Security (HSTS). The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the middle attacks, and weakens cookie-hijacking protections." and recommending to configure the remote web server to HSTS.

Did anyone configured HSTS for Dynamics CRM website and any challenges? And also, please let me know if any references on how to configure it.

Thanks in advance.

*This post is locked for comments

I have the same question (0)
  • Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at

    Hi-

    You need to implement tls 1.2 on your server which would potentially solve the risk of SSL hijacking.

    -Shaminder

  • SrinivasKamutam Profile Picture
    SrinivasKamutam 30 on at

    Thanks for the response Shamider.

    Our server is already enabled with TLS 1.2 but we still get this issue in our security scan.

    Any thoughts if HSTS is supported for Dynamics CRM website? If yes, how can we enable it?

  • Suggested answer
    sathis kumar Profile Picture
    sathis kumar on at

    I think HSTS or any thing related to HTTPS issue is not related to Dynamics CRM  better to check in IIS Web server related to Certificates and Security.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans