In the v24.1 SLM release, we’ve added support for HSTS (HTTP Strict Transport Security) to improve web security. To configure HSTS, follow these steps:
- Locate the appsettings.json file (default path: C:\Program Files\OpenLM\OpenLM Server\bin).
- Find the “HTTPSRequestsRedirectionEnabled” parameter (added after installation or upgrade) and set it to “true” to enable HSTS.
- Add an HTTPS section to the Kestrel Endpoints configuration with the SSL (HTTPS) URL, following our SSL setup guide at https://www.openlm.com/docs/openlm-slm-installation-guide/setting-up-ssl-for-openlm-server-and-identity-service/. Choose a port different from the standard HTTP port.
- To disable HSTS, revert the “HTTPSRequestsRedirectionEnabled” parameter to “false” and remove the added HTTPS section.
- Note: The HTTP section must always remain in the file for OpenLM SLM to function properly, regardless of whether the address is SSL-secured or not.
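
The checks implied by the steps above, as an added example that is not OpenLM's own code: it parses an appsettings.json and reports when the flag is not true, the HTTPS or HTTP endpoint is missing, or both endpoints share a port. It assumes the standard ASP.NET Core `Kestrel:Endpoints:<name>:Url` layout; the function names and the sample ports are constructed for illustration.

```python
import json
import re

FLAG = "HTTPSRequestsRedirectionEnabled"  # parameter named in the steps above
URL_RE = re.compile(r"^(https?)://(.+?)(?::(\d+))?/?$", re.IGNORECASE)
DEFAULT_PORT = {"http": 80, "https": 443}

def find_key(node, key):
    """Depth-first lookup; the flag's position in the file is not assumed."""
    if isinstance(node, dict):
        if key in node:
            return node[key]
        children = node.values()
    elif isinstance(node, list):
        children = node
    else:
        return None
    for child in children:
        found = find_key(child, key)
        if found is not None:
            return found
    return None

def endpoint_ports(cfg):
    """Map scheme -> set of ports, read from Kestrel:Endpoints:<name>:Url."""
    ports = {"http": set(), "https": set()}
    endpoints = cfg.get("Kestrel", {}).get("Endpoints", {})
    for endpoint in endpoints.values():
        match = URL_RE.match(str(endpoint.get("Url", "")))
        if match:
            scheme = match.group(1).lower()
            ports[scheme].add(int(match.group(3) or DEFAULT_PORT[scheme]))
    return ports

def check_hsts_config(text):
    """Return the problems found; an empty list means the file matches the steps."""
    cfg = json.loads(text)
    ports = endpoint_ports(cfg)
    problems = []
    if str(find_key(cfg, FLAG)).lower() != "true":
        problems.append(f"{FLAG} is not set to true")
    if not ports["https"]:
        problems.append("no HTTPS endpoint in Kestrel Endpoints")
    if not ports["http"]:
        problems.append("HTTP section is missing")
    if ports["http"] & ports["https"]:
        problems.append("HTTPS endpoint reuses the HTTP port")
    return problems

# Constructed sample; ports are placeholders and certificate settings are omitted.
SAMPLE = """{"HTTPSRequestsRedirectionEnabled": "true", "Kestrel": {"Endpoints": {
  "Http": {"Url": "http://*:5000"}, "Https": {"Url": "https://*:5001"}}}}"""

if __name__ == "__main__":
    print(check_hsts_config(SAMPLE) or "configuration matches the steps")
```

Run it against a copy of the edited file before restarting the service; the certificate settings from the SSL setup guide are outside what it checks.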