I know this question is almost a year old, but this was one of the top results in Google when I was attempting to do something similar, so I'll respond with my solution to potentially help someone who finds this question in the future:
We are using Apache, so I used this IBM article as a guide to change my Apache settings. The important part of that article is including "always set Strict-Transport-Security" string to your Header showed in section 2a.
It's a relatively simple fix.
See how to use Jira on the go! Demo Den Episode 5 is here: meet Jira Mobile with Jira Product Manager Rayen Magpantay. Demo Den is in our monthly series where a Jira PM demonstrates...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events