If you happen to have problems with OWASP ZAP using Chrome and visiting a site that supports HSTS in Windows? Just follow theses steps:

1. Enable unsafe renegotiation in ZAP

2. Install Java Cryptography Extension (JCE) for your Java version. Here is the link for Java 8

   • Download and unzip the file.
   • Extract jce\local_policy.jar and jce\US_export_policy.jar from the archive to the folder %JAVA_HOME%\jre\lib\security, overwriting the files already present in the directory.

3. Disable security in Chrome options.

   • Go to chrome://settings
   • Click on Protect you and your device from dangerous sites to disable it.