Require online OCSP/CRL checks for local trust anchors
Supported on: Microsoft Windows 7 or later
Registry
HKLM
Software\Policies\Google\Chrome HKCU
Software\Policies\Google\Chrome Value name: RequireOnlineRevocationChecksForLocalAnchors
Enabled: RequireOnlineRevocationChecksForLocalAnchors = 1
Disabled: RequireOnlineRevocationChecksForLocalAnchors = 0
Description
Setting the policy to True means Google Chrome always performs revocation checking for successfully validated server certificates signed by locally installed CA certificates. If Google Chrome can't get revocation status information, Google Chrome treats these certificates as revoked (hard-fail). Setting the policy to False or leaving it unset means Google Chrome uses existing online revocation-checking settings. On macOS, this policy has no effect if the ChromeRootStoreEnabled policy is set to False.