For some time HSTS has been a stupid way to deter people from doing what they have no idea of doing, and now pfSense forces the use of HSTS on its webconfigurator, effectively making all port-forwarded secure connections difficult to reach. Stubborn pfSense devs refuse to add an option to disable it, but here is a way to do it.
1. Enable SSH and open /etc/inc/system.inc.
2. Remove the add_header Strict-Transport-Security line.
3. Reboot the machine; restarting only the webconfigurator won’t work.
Now you can host other secure connections with peace of mind.
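The edit from steps 1 and 2 as a repeatable script, plus a check that the header is really gone after the reboot. This is an added example, not code from pfSense or from the original post; the function names and the `.orig` backup suffix are assumptions.

```shell
#!/bin/sh
# Added example (not pfSense code). Function names and the .orig suffix are assumptions.
# The pattern is the directive named in step 2.
PATTERN='add_header Strict-Transport-Security'

# count_hsts FILE: print how many lines of FILE contain the directive.
count_hsts() {
    # grep -c prints 0 but exits 1 when nothing matches; do not treat that as failure.
    grep -c -- "$PATTERN" "$1" || true
}

# strip_hsts FILE: remove the matching lines, keep a one-time backup, print lines removed.
strip_hsts() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    n=$(count_hsts "$file")
    if [ "$n" -eq 0 ]; then
        echo 0          # already removed: safe to re-run
        return 0
    fi
    # Keep only the first pristine copy so a second run never overwrites it.
    [ -e "$file.orig" ] || cp -p "$file" "$file.orig"
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    grep -v -- "$PATTERN" "$file" > "$tmp" || true
    # Write back in place so the original owner and mode are preserved.
    cat "$tmp" > "$file"
    rm -f "$tmp"
    echo "$n"
}

# has_hsts_header: read HTTP response headers on stdin; exit 0 if HSTS is still sent.
# After the reboot, for example: curl -skI https://<firewall-address>/ | has_hsts_header
has_hsts_header() {
    grep -qi '^strict-transport-security:'
}

# Run directly as: sh strip_hsts.sh /etc/inc/system.inc
[ "$#" -eq 0 ] || strip_hsts "$1"
```

A browser that already received the header keeps enforcing the cached policy until it expires or is cleared, so test from a fresh browser profile.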