thanks for your time.
The option "reqires SSL" is configured on the masterpage - inheritance is working properly.
Under "Settings->Security & Membership->" there is no "Administration" available in Kentico 8.1.17.
But i don't think this is answering my question.
Does Kentico set, at any point, the "strict-transport-security -> max-age value" or comes this from a server configuration?