Expect-ct web.config

The Expect-CT header enables web pages with possibility to report and/or enforce Certificate Transparency requirements, to prevent the use of misissued certificates from going unnoticed. The Expect-CT header can be configured under the Web.config file, under the i4connected API folder, as follows:

Expect-CT: enforce, max-age=7776000, report-uri=" https://ABSOLUTE_REPORT_URL " Note: We strongly suggest you to use Expect-CT header in report-only mode first. If everything goes well and your certificate is ready, go with the Expect-CT enforce mode. In the end I have configured the web.config like this, the reason I am doing it directly via the web.config is that the client does not have access to the IIS control panel nor does the host company want to provide it. This is the code I eventually came up with: