Fixing Chrome's HSTS Errors

1 min read SSL/TLS & Certificates

Fixing Chrome's HSTS Errors

HTTP Strict Transport Security (HSTS) errors appear when Chrome has cached strict security requirements for a domain. Clear HSTS settings by navigating to chrome://net-internals/#hsts, entering the domain, and clicking "Delete domain security policies." This resolves issues when developing locally or after certificate changes.

For production sites, implement proper HSTS headers:

add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;