Strict-Transport-Security
This is an additional security configuration when HTTPs is configured.
If enabled:
Switching back to HTTP is not possible anymore. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS.
Disable the HTTP connector
To enable Strict-Transport-Security, add the following valve to ... \Server\tomcat-*\conf\server.XML.
<Valve className="nl.planon.tomcat.AddHeaderValve" name="Strict-Transport-Security" value="max-age=31536000"/>
*