HSTS and HPKP has implications for Smoothwall and its client devices; what are they?

Article #: Product Castle
1885 All All

Summary

How HTTP Strict Transport Security (HSTS) and HTTP Public Key Pinning (HPKP) can affect Smoothwall and its client devices.

Problem

HSTS and HPKP has implications for Smoothwall and its client devices.

HSTS:

  • Forces browsers to connect to sites securely
  • Ensures that the browser only connects to that site securely in the future
  • Ensures that certificate related errors cannot be clicked through by the user

HPKP:

  • Ensures a browser only connects to an HTTPS site using the specified certificate
  • Ensures that certificate related errors cannot be clicked through by the user

Solution

For client devices with the Smoothwall's HTTPS certificate installed for Decrypt and inspect, neither of these standards should have any effect, though this may change in the future. 

For client devices without Smoothwall's HTTPS certificate installed for Decrypt and inspect, users may see certificate errors that cannot be bypassed. This can occur if the Smoothwall tries to serve a HTTPS blockpage or there is an issue with the site itself. 

If these errors are occurring, either:

Attribution:

Last updated: Author: Contributions by:
06 September 2016   DMT