As part of our normal review of such things I ran an SSL Labs test on our sites only to discover that we now had double header entries in our responses for Strict-Transport-Security.
Not a terrible thing but the SSL test does point it out and after some examination I realized that Domino now adds that header automatically once you only use HTTPS or if you redirect to HTTPS as explained by the very helpful Dave Kern right here: https://www-10.lotus.com/ldd/dominowiki.nsf/dx/HSTS
Since we use a Netscaler in front of our Domino servers to add a variety of security measures and other network enhancements, I decided I did not want Domino also adding its own header so I set the nifty .ini setting of …
HTTP_ENABLE_HSTS=0
which did the trick!