This section includes the following topics:
-
Section 4.1, Enabling SSL Communication between Access Gateway and Identity Server
-
Section 4.2, Enabling Secure Cookies
-
Section 4.3, Disabling Phishing
-
Section 4.4, Disabling Weak Protocols
-
Section 4.5, Configuring Stronger Ciphers for SSL Communication
-
Section 4.6, Enabling Perfect Forward Secrecy
-
Section 4.7, Adding HTTP Strict Transport Security
-
Section 4.8, Preventing Error Messages to Show the Failure Reason on Browsers
-
Section 4.9, Disabling XFS in Access Gateway ESP
-
Section 4.10, Disabling XFS for Resources Protected by Access Gateway
-
Section 4.11, Samples of Recommended Settings