I'm using a Pentaho with saiku and tomcat with https protocol and I want to use subdomains without https to point to that server. In my actual configuration, server use the option "includeSubDomains" in the Strict-Transport-Security header that sends to web browsers and I want to disable it.

How can I edit that configuration? I can't find it on any tomcat configuration file.