HTTP headers | Expect-CT

The HTTP Expect-CT header is a response header that prevents misissued certificates for a site from being used unnoticed. It also lets a site choose between reporting and enforcement of Certificate Transparency requirements.


Expect-CT: max-age=<age>, enforce, report-uri="<uri>"

Note: The enforce and report-uri directives are optional.

Directives: The HTTP Expect-CT header accepts the three directives shown above and described below:

  • max-age=<age>: This directive specifies the number of seconds, counted from the reception of the Expect-CT header, for which the user agent should regard the host from which the message was received as an Expect-CT host.
  • enforce: An optional directive that tells the user agent to enforce the Certificate Transparency (CT) policy and to refuse further connections that do not comply with it.
  • report-uri="<uri>": An optional directive that gives the URL to which the user agent reports Expect-CT failures.
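
The directive rules above can be checked mechanically when reviewing a site's response headers. The following Python code is an added example, not part of the original article; the function names, the wording of the findings and the example.com report URL are assumptions made for illustration.

```python
import re

# One directive: name, optional "=" plus token or quoted string, then "," or end.
_DIRECTIVE = re.compile(r'\s*([A-Za-z-]+)\s*(?:=\s*("[^"]*"|[^,"\s]+))?\s*(?:,|$)')

def parse_expect_ct(value):
    """Parse an Expect-CT header value; raise ValueError if it is malformed."""
    policy = {"max_age": None, "enforce": False, "report_uri": None}
    seen, pos = set(), 0
    while pos < len(value):
        m = _DIRECTIVE.match(value, pos)
        if not m:
            raise ValueError(f"malformed directive at offset {pos}")
        name, arg = m.group(1).lower(), m.group(2)
        if name in seen:
            raise ValueError(f"duplicate directive: {name}")
        seen.add(name)
        if name == "max-age":
            if arg is None or not re.fullmatch(r"[0-9]+", arg):
                raise ValueError("max-age needs a whole number of seconds")
            policy["max_age"] = int(arg)
        elif name == "enforce":
            if arg is not None:
                raise ValueError("enforce takes no value")
            policy["enforce"] = True
        elif name == "report-uri":
            if arg is None or not arg.startswith('"'):
                raise ValueError("report-uri needs a quoted URI")
            policy["report_uri"] = arg[1:-1]
        pos = m.end()  # directives with other names are skipped (assumption)
    if policy["max_age"] is None:
        raise ValueError("max-age is required")
    return policy

def audit(policy):
    """Return review findings for a parsed policy (wording is this example's own)."""
    findings = []
    if not policy["enforce"]:
        findings.append("report-only: non-compliant connections are not refused")
    if not policy["report_uri"]:
        findings.append("no report-uri: failures are not reported anywhere")
    if not policy["enforce"] and not policy["report_uri"]:
        findings.append("header has no effect: neither enforce nor report-uri")
    return findings

# Constructed sample; example.com stands in for a real reporting endpoint.
SAMPLE = 'max-age=43200, enforce, report-uri="https://example.com/ct-report"'
if __name__ == "__main__":
    print(parse_expect_ct(SAMPLE), audit(parse_expect_ct(SAMPLE)))
```
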


  • In this example, the Certificate Transparency is enforced for 12 hours and the reports are made to .
    Expect-CT: max-age=43200, enforce, report-uri=""
  • In this example, the Certificate Transparency is enforced for an hour.
    Expect-CT: max-age=3600, enforce
  • To check Expect-CT in action, go to Inspect Element -> Network and check the response headers for Expect-CT.

Supported browsers: The browsers compatible with the HTTP Expect-CT header are listed below:

  • Google Chrome
  • Opera
Last Updated : 19 Nov, 2019