Policy

Prevent ignoring certificate errors

This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as "expired", "revoked", or "name mismatch" errors) in Internet Explorer. If you enable this policy setting, the user cannot continue browsing. If you disable or do not configure this policy setting, the user can choose to ignore certificate errors and continue browsing.

Policy
Pack Microsoft Windows
Category Windows Components / Internet Explorer / Internet Control Panel
Policy ID cb89bf8db41d
Internal name NoCertError

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\PreventIgnoreCertErrors (enabled) = 1
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\PreventIgnoreCertErrors (disabled) = 0
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\PreventIgnoreCertErrors (enabled) = 1
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\PreventIgnoreCertErrors (disabled) = 0

Policy notes

This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as "expired", "revoked", or "name mismatch" errors) in Internet Explorer. If you enable this policy setting, the user cannot continue browsing. If you disable or do not configure this policy setting, the user can choose to ignore certificate errors and continue browsing.

Related policies

Disable the Advanced pageDisable the Connections pageDisable the Content pageDisable the General pageDisable the Privacy pageDisable the Programs pageDisable the Security page