<style>p { margin: 0 0 10px; }h1, h2, h3 { margin: 20px 0 10px; }h4, h5, h6 { margin: 10px 0 10px; }</style><p>This ensures all traffic to the Halo site can only use a secure HTTPS connection.</p> <p>HTTPS must already be configured for the web application.</p> <p>Currently, these steps are required after any upgrade. If HTTPS/SSL is not configured, and HSTS is enabled, the application will not work.</p> <p>Open web.config in the root of your Halo web application website files.</p> <p>Search for <code>&lt;!--HSTS</code>.</p> <p>You should see a line that looks like this;</p> <pre><code>&lt;!--HSTS&lt;add name=&quot;Strict-Transport-Security&quot; value=&quot;max-age=31536000; IncludeSubDomains&quot; /&gt;--&gt; </code></pre> <p>Remove <code>&lt;!--HSTS</code> from the start and <code>--&gt;</code> from the end of the line.</p> <p>Save changes.</p> <p>Restart the website in IIS.</p>