hsts:clear_hsts
This is an old revision of the document!
−Table of Contents
Clear HSTS
Cache time comes from the origin/site HSTS header.
This is set with something like
Strict-Transport-Security: max-age=16070400; includeSubDomains
This setting will continue to pass the HSTS header, unless it is disabled.
To disable HSTS for clients and wipe out their redirects use
Strict-Transport-Security: max-age=0
Specifying a zero time duration signals the UA to delete the HSTS Policy (including any asserted includeSubDomains directive) for that HSTS Host.
Clear HSTS in Firefox
Error code: ssl_error_bad_cert_domain.
If you see “I understand the risks”, follow these instructions. Otherwise:
- Close all tabs open with the site.
- Clear your history.
- In the address bar, type about:permissions.
- Search for and click on the site.
- Click “Forget About This Site”.
Clear HSTS in Google Chrome
Error message “Cannot connect to the real <domain name>.”
- In the address bar, type
chrome://net-internals/#hsts
- Type the domain name in the text field below “Delete domain”.
- Click the “Delete” button.
- Type the domain name in the text field below “Query domain”.
- Click the “Query” button.
- Your response should be “Not found”.
Clear HSTS in Opera
Error message “Cannot connect to the real <domain name>.”
- In the address bar, type
chrome://net-internals/#hsts
- Type the domain name in the text field below “Delete domain”.
- Click the “Delete” button.
- Type the domain name in the text field below “Query domain”.
- Click the “Query” button.
- Your response should be “Not found”.
Clear HSTS in Safari
- Close Safari.
- Delete the ~/Library/Cookies/HSTS.plist file.
- Reopen Safari
hsts/clear_hsts.1467369544.txt.gz · Last modified: 2020/07/15 09:30 (external edit)