The UseHsts
stopped appending the Strict-Transport-Security
header after the migration from Service Fabric to K8S. How to fix it?
I am using the .NET 6. I tried debugging to see if the UseHsts
gets called. Also, I double checked that doing exactly the same deployment to Service Fabric result in a running app which returns the header.
I spent a probably 5 hours now and was not able to come up with anything. I found this, but it seems to be about enabling the HSTS at the Azure level, while I would like to enable it using the tools at the application level.
There is a version of UseHsts in IApplicationBuilder which doesn't work. You have to use UseHsts from NWebsec.AspNetCore.Middleware in order for this to work.