web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / The remote HTTPS serve...
Microsoft Dynamics CRM (Archived)

The remote HTTPS server does not send the HTTP Strict Transport Security Header - Dynamics CRM

(0) ShareShare
ReportReport
Posted on by SrinivasKamutam 30

Hi All,

Can anyone please help me with the below query? Any help is much appreciated.

As a part of our security scan we encountered an issue saying "The remote HTTPS server is not enforcing HTTP strict Transport Security (HSTS). The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the middle attacks, and weakens cookie-hijacking protections." and recommending to configure the remote web server to HSTS.

Did anyone configured HSTS for Dynamics CRM website and any challenges? And also, please let me know if any references on how to configure it.

Thanks in advance.

*This post is locked for comments

I have the same question (0)
  • Shaminderpal Singh Profile Picture
    Shaminderpal Singh 1,565 on at

    Hi-

    You need to implement tls 1.2 on your server which would potentially solve the risk of SSL hijacking.

    -Shaminder

  • SrinivasKamutam Profile Picture
    SrinivasKamutam 30 on at

    Thanks for the response Shamider.

    Our server is already enabled with TLS 1.2 but we still get this issue in our security scan.

    Any thoughts if HSTS is supported for Dynamics CRM website? If yes, how can we enable it?

  • Suggested answer
    sathis kumar Profile Picture
    sathis kumar on at

    I think HSTS or any thing related to HTTPS issue is not related to Dynamics CRM  better to check in IIS Web server related to Certificates and Security.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
ScottDurow Profile Picture

ScottDurow 2

#2
GJones Profile Picture

GJones 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans