diff --git a/browser/modules/Sanitizer.jsm b/browser/modules/Sanitizer.jsm
index 6917e2092b9b..c3495749726a 100644
--- a/browser/modules/Sanitizer.jsm
+++ b/browser/modules/Sanitizer.jsm
@@ -429,28 +429,13 @@ var Sanitizer = {
 
     siteSettings: {
       async clear(range) {
-        let seenException;
         let refObj = {};
         TelemetryStopwatch.start("FX_SANITIZE_SITESETTINGS", refObj);
-
         await clearData(range, Ci.nsIClearDataService.CLEAR_PERMISSIONS |
                                Ci.nsIClearDataService.CLEAR_PREFERENCES |
-                               Ci.nsIClearDataService.CLEAR_DOM_PUSH_NOTIFICATIONS);
-
-        try {
-          // Clear site security settings - no support for ranges in this
-          // interface either, so we clearAll().
-          let sss = Cc["@mozilla.org/ssservice;1"]
-                      .getService(Ci.nsISiteSecurityService);
-          sss.clearAll();
-        } catch (ex) {
-          seenException = ex;
-        }
-
+                               Ci.nsIClearDataService.CLEAR_DOM_PUSH_NOTIFICATIONS |
+                               Ci.nsIClearDataService.CLEAR_SECURITY_SETTINGS);
         TelemetryStopwatch.finish("FX_SANITIZE_SITESETTINGS", refObj);
-        if (seenException) {
-          throw seenException;
-        }
       }
     },
 
diff --git a/toolkit/components/cleardata/ClearDataService.js b/toolkit/components/cleardata/ClearDataService.js
index 56bb43e26abf..8e9e9e915d8b 100644
--- a/toolkit/components/cleardata/ClearDataService.js
+++ b/toolkit/components/cleardata/ClearDataService.js
@@ -553,6 +553,43 @@ const PreferencesCleaner = {
   },
 };
 
+const SecuritySettingsCleaner = {
+  deleteByHost(aHost, aOriginAttributes) {
+    return new Promise(aResolve => {
+      let sss = Cc["@mozilla.org/ssservice;1"]
+                  .getService(Ci.nsISiteSecurityService);
+      for (let type of [Ci.nsISiteSecurityService.HEADER_HSTS,
+                        Ci.nsISiteSecurityService.HEADER_HPKP]) {
+        // Also remove HSTS/HPKP/OMS information for subdomains by enumerating
+        // the information in the site security service.
+        let enumerator = sss.enumerate(type);
+        while (enumerator.hasMoreElements()) {
+          let entry = enumerator.getNext();
+          let hostname = entry.QueryInterface(Ci.nsISiteSecurityState).hostname;
+          if (hasRootDomain(hostname, aHost)) {
+            // This uri is used as a key to remove the state.
+            let uri = Services.io.newURI("https://" + hostname);
+            sss.removeState(type, uri, 0, entry.originAttributes);
+          }
+        }
+      }
+
+      aResolve();
+    });
+  },
+
+  deleteAll() {
+    return new Promise(aResolve => {
+      // Clear site security settings - no support for ranges in this
+      // interface either, so we clearAll().
+      let sss = Cc["@mozilla.org/ssservice;1"]
+                    .getService(Ci.nsISiteSecurityService);
+      sss.clearAll();
+      aResolve();
+    });
+  },
+};
+
 // Here the map of Flags-Cleaner.
 const FLAGS_MAP = [
  { flag: Ci.nsIClearDataService.CLEAR_COOKIES,
@@ -605,6 +642,9 @@ const FLAGS_MAP = [
 
  { flag: Ci.nsIClearDataService.CLEAR_CONTENT_PREFERENCES,
    cleaner: PreferencesCleaner, },
+
+ { flag: Ci.nsIClearDataService.CLEAR_SECURITY_SETTINGS,
+   cleaner: SecuritySettingsCleaner, },
 ];
 
 this.ClearDataService = function() {};
diff --git a/toolkit/components/cleardata/nsIClearDataService.idl b/toolkit/components/cleardata/nsIClearDataService.idl
index 3ac66890b374..466f2d311875 100644
--- a/toolkit/components/cleardata/nsIClearDataService.idl
+++ b/toolkit/components/cleardata/nsIClearDataService.idl
@@ -168,10 +168,13 @@ interface nsIClearDataService : nsISupports
    */
   const uint32_t CLEAR_CONTENT_PREFERENCES = 1 << 16;
 
+  /**
+   * Secure site settings
+   */
+  const uint32_t CLEAR_SECURITY_SETTINGS = 1 << 17;
+
   /* TODO
   const uint32_t CLEAR_EME = 1 << 4;
-  const uint32_t CLEAR_HSTS = 1 << 12;
-  const uint32_t CLEAR_HPKP = 1 << 13;
   const uint32_t CLEAR_FORMDATA = 1 << 16;
   */
 
diff --git a/toolkit/forgetaboutsite/ForgetAboutSite.jsm b/toolkit/forgetaboutsite/ForgetAboutSite.jsm
index acbcec740348..42debb7f942c 100644
--- a/toolkit/forgetaboutsite/ForgetAboutSite.jsm
+++ b/toolkit/forgetaboutsite/ForgetAboutSite.jsm
@@ -31,30 +31,6 @@ var ForgetAboutSite = {
       throw new Error("Exception thrown while clearing Encrypted Media Extensions: " + ex);
     }));
 
-    // HSTS and HPKP
-    promises.push((async function() {
-      let sss = Cc["@mozilla.org/ssservice;1"].
-                getService(Ci.nsISiteSecurityService);
-      for (let type of [Ci.nsISiteSecurityService.HEADER_HSTS,
-                        Ci.nsISiteSecurityService.HEADER_HPKP]) {
-        // Also remove HSTS/HPKP information for subdomains by enumerating the
-        // information in the site security service.
-        let enumerator = sss.enumerate(type);
-        while (enumerator.hasMoreElements()) {
-          let entry = enumerator.getNext();
-          let hostname = entry.QueryInterface(Ci.nsISiteSecurityState).hostname;
-          // If the hostname is aDomain's subdomain, we remove its state.
-          if (hostname == aDomain || hostname.endsWith("." + aDomain)) {
-            // This uri is used as a key to remove the state.
-            let uri = NetUtil.newURI("https://" + hostname);
-            sss.removeState(type, uri, 0, entry.originAttributes);
-          }
-        }
-      }
-    })().catch(ex => {
-      throw new Error("Exception thrown while clearing HSTS/HPKP: " + ex);
-    }));
-
     let ErrorCount = 0;
     for (let promise of promises) {
       try {