We have a Spring Boot application behind an AWS Application Load Balancer. The load balancer terminates SSL before forwarding coming requests to our application and also redirects 80 port to 443 port.
We want to enable strict-transport-security (hsts) response header but we don't want to enable it on Spring Boot by adding SSL information to the app's configuration.
Is it possible to enable hsts on AWS Application Load Balancer without enabling https on Spring Boot?