This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 16%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMN%3C/text%3E%3C/svg%3E)
Hi
We have 3 Exchange server2019 with DAG configured on windows server 2019.
We need to enable to HSTS,
I have setting to configure on Default Web site --> HSTS and enter below entries:
Max-age 31536000
Enable incluseSubDomains
Enable Preload
Is this setting correct and Is there any impect on exchange server for users and DBs ?
A robust email, calendaring, and collaboration platform developed by Microsoft, designed for enterprise-level communication and data management.Miscellaneous topics that do not fit into specific categories.
The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 31%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJX%3C/text%3E%3C/svg%3E)
Hi @Mohammed Nadeem ,
The setting is correct. Refer to: Configure HSTS on Exchange Server
Configure HSTS on Windows Server 2019 and higher:
1. Sign in to the Exchange Server and start Internet Information Services (IIS) Manager.
2. Click in the connections panel on Default Web Site.
3. Click in the actions panel on HSTS…
4. Check the checkboxes and fill in the Max-Age: 31536000. Click OK.
You could check it:
1. Start your favorite web browser and go to the Exchange Server OWA address.
2. Open the browser inspector tool > Network.
3. Click on the refresh button or press F5 to reload the page.
4. Select the document HTML URL and verify that it shows the header:
strict-transport-security: max-age=31536000; includeSubDomains; preload
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Is there any impact on users or Exchange DB level for enabling it ?
