Hi,
I using 12.0.3 on RPI3, installed 11.0.3 using app installer provided by berryboot, upgraded since .
Cannot seem to get rid of “Strict-Transport-Security” HTTP header warning message.
I’ve followed instructions from;
https://docs.nextcloud.com/server/12/admin_manual/configuration_server/harden_server.html#use-https
and added:
<VirtualHost *:80>
ServerName mypi.my www.com
Redirect permanent / https:// mypi.my www.com/
< /VirtualHost>
and
> <VirtualHost *:443>
> ServerName mypi. mywww.com
>
> Header always set Strict-Transport-Security “max-age=15552000; includeSubDomains”
>
> < /VirtualHost>
to my virtual host files, but warning doesn’t go away.
My rpi is behind an ISP firewall and a router and ports 80 and 443 were already in use and forward to a VM running OpenERP (Now called Odoo). So i have external port (2443) forwarding to internal_IP_of_RPI:443.
Works fine, also for sharing, but could this be the reason for the warning is still being trigered?
I’ve tried to replicate the error in another, manually installed LAMP Ubuntu16LTS, instance of Nextcloud 12.0.3 in Virtualbox, but cant do it, warning message disappears after adding code to VirtualHosts and reloading Apache2.