Secure the application server using HTTP Strict Transport Security (HSTS)
We can secure the application server by first setting up HTTP Strict Transport Security (HSTS) in IBM HTTP Server. Then, add IBM HTTP Server as a front end to the application server environment so that connections between the application server and a client are over HTTPS.
Tasks
- Set up HSTS in IBM HTTP Server.
See the topic on setting up HTTP Strict Transport Security (HSTS).
- Add IBM HTTP Server as a front end to the application server environment.
See the topic on installing and configuring web server plug-ins to determine which option is best for the application server environment.
Set up HTTP Strict Transport Security (HSTS) Configure web server plug-ins (ZOS) Install and configuring the plug-in for IBM HTTP Server for WAS on z/OS