Security Settings - HSTS, Content Security Policy, X-Content-Type-Options

Hi, I’m using Payara Community Edition [version 2.2022.2] ( for one of the application and using Micro version for another 2 child applications

I would like to enable these 3 security items
1) HTTP Strict-Transport-Security
2) Content-Security-Policy
3) X-Content-Type-Options

For HSTS, I know we can set something like this
./asadmin set${protocol-name}.ssl.hsts-enabled=true

Question 1: But this doesn’t work on payara-micro, how do we do the same in micro version?
Question 2: How to set Content-Security-Policy and X-Content-Type-Options in Payara full version and micro-version?

Any help on this is much appreciated.

The Payara Micro use the preboot and postboot, as mentioned in Running asadmin commands using Pre-boot and Post-boot Scripts