hsts:clear_hsts
This is an old revision of the document!
Table of Contents
Clear HSTS
Besides clearing the HSTS in the web-browser, you could also make your application send an HSTS header with max-age=0. In your controller:
response.headers["Strict-Transport-Security"] = 'max-age=0'
Clear HSTS in Firefox
Error code: ssl_error_bad_cert_domain.
If you see “I understand the risks”, follow these instructions. Otherwise:
- Close all tabs open with the site.
- Clear your history.
- In the address bar, type about:permissions.
- Search for and click on the site.
- Click “Forget About This Site”.
Clear HSTS in Google Chrome
Error message “Cannot connect to the real <domain name>.”
- In the address bar, type
chrome://net-internals/#hsts
- Type the domain name in the text field below “Delete domain”.
- Click the “Delete” button.
- Type the domain name in the text field below “Query domain”.
- Click the “Query” button.
- Your response should be “Not found”.
Clear HSTS in Opera
Error message “Cannot connect to the real <domain name>.”
- In the address bar, type
chrome://net-internals/#hsts
- Type the domain name in the text field below “Delete domain”.
- Click the “Delete” button.
- Type the domain name in the text field below “Query domain”.
- Click the “Query” button.
- Your response should be “Not found”.
Clear HSTS in Safari
- Close Safari.
- Delete the ~/Library/Cookies/HSTS.plist file.
- Reopen Safari
hsts/clear_hsts.1467368629.txt.gz · Last modified: 2020/07/15 09:30 (external edit)