--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -109,25 +109,28 @@ function getHosts(rawdata) {
   }
 
   return hosts;
 }
 
 var gSSService = Cc["@mozilla.org/ssservice;1"]
                    .getService(Ci.nsISiteSecurityService);
 
-function processStsHeader(host, header, status) {
+function processStsHeader(host, header, status, securityInfo) {
   var maxAge = { value: 0 };
   var includeSubdomains = { value: false };
   var error = ERROR_NONE;
-  if (header != null) {
+  if (header != null && securityInfo != null) {
     try {
       var uri = Services.io.newURI("https://" + host.name, null, null);
+      var sslStatus = securityInfo.QueryInterface(Ci.nsISSLStatusProvider)
+                                  .SSLStatus;
       gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS,
-                               uri, header, 0, maxAge, includeSubdomains);
+                               uri, header, sslStatus, 0, maxAge,
+                               includeSubdomains);
     }
     catch (e) {
       dump("ERROR: could not process header '" + header + "' from " +
            host.name + ": " + e + "\n");
       error = e;
     }
   }
   else {
@@ -175,17 +178,18 @@ function getHSTSStatus(host, resultList)
   var uri = "https://" + host.name + "/";
   req.open("GET", uri, true);
   req.timeout = REQUEST_TIMEOUT;
   req.channel.notificationCallbacks = new RedirectStopper();
   req.onreadystatechange = function(event) {
     if (!inResultList && req.readyState == 4) {
       inResultList = true;
       var header = req.getResponseHeader("strict-transport-security");
-      resultList.push(processStsHeader(host, header, req.status));
+      resultList.push(processStsHeader(host, header, req.status,
+                                       req.channel.securityInfo));
     }
   };
 
   try {
     req.send();
   }
   catch (e) {
     dump("ERROR: exception making request to " + host.name + ": " + e + "\n");