en-US

Require online OCSP/CRL checks for local trust anchors

Supported on: Microsoft Windows 7 or later

Registry

HKLM Software\Policies\Google\Chrome
HKCU Software\Policies\Google\Chrome

Value name: RequireOnlineRevocationChecksForLocalAnchors

Enabled: RequireOnlineRevocationChecksForLocalAnchors = 1

Disabled: RequireOnlineRevocationChecksForLocalAnchors = 0

Description

Setting the policy to True means Google Chrome always performs revocation checking for successfully validated server certificates signed by locally installed CA certificates. If Google Chrome can't get revocation status information, Google Chrome treats these certificates as revoked (hard-fail). Setting the policy to False or leaving it unset means Google Chrome uses existing online revocation-checking settings. On macOS, this policy has no effect if the ChromeRootStoreEnabled policy is set to False.