Policy

Required Certificate Authority

This policy setting enables you to designate a required certificate authority for Outlook to use for encryption and digital signatures. If you enable this policy setting, you can specify a required certificate authority by entering an X.509 distinguished name in the text field that is provided. The name must conform to the X.509 certificate format exactly. For example: CN=WoodgroveBankCA, DC=WoodgroveBank, DC=com If you disable or do not configure this policy setting, Outlook trusts any certificate authorities that are represented by certificates in the Trusted Root Certification Authorities store on users' computers.

Policy
Pack Microsoft Office
Category Microsoft Outlook 2016 / Security / Cryptography
Policy ID db6a2bb5f210
Internal name L_RequiredCertificateAuthority

Registry

Copy registry mappings

HKCU\software\policies\microsoft\office\16.0\outlook\security\requiredca

Policy notes

This policy setting enables you to designate a required certificate authority for Outlook to use for encryption and digital signatures. If you enable this policy setting, you can specify a required certificate authority by entering an X.509 distinguished name in the text field that is provided. The name must conform to the X.509 certificate format exactly. For example: CN=WoodgroveBankCA, DC=WoodgroveBank, DC=com If you disable or do not configure this policy setting, Outlook trusts any certificate authorities that are represented by certificates in the Trusted Root Certification Authorities store on users' computers.

Related policies

Always use TNEF formatting in S/MIME messagesCheck for the user's private key when the user sends an encrypted email that includes the user as a recipientDo not check e-mail address against address of certificates being usedDo not display 'Publish to GAL' buttonDo not provide Continue option on Encryption warning dialog boxesEnable Cryptography IconsEnable Retrieval of Remote Certificate Authority Information