Policy

Certificate Deployment via Controlled Feature Rollout

For enterprises that desire assistance in deploying the new Secure Boot certificates to their devices, this setting can be enabled. Note: The device must be sending required diagnostic data to Microsoft to use this feature. For more information, see: https://aka.ms/GetSecureBoot

Policy
Pack Microsoft Windows
Category Windows Components / Secure Boot
Policy ID 34b0b01ee3fc
Internal name SecureBoot_MicrosoftUpdateManagedOptIn

Registry

Copy registry mappings

HKLM\SYSTEM\CurrentControlSet\Control\SecureBoot\MicrosoftUpdateManagedOptIn (enabled) = 22852
HKLM\SYSTEM\CurrentControlSet\Control\SecureBoot\MicrosoftUpdateManagedOptIn (disabled) = 0

Policy notes

For enterprises that desire assistance in deploying the new Secure Boot certificates to their devices, this setting can be enabled. Note: The device must be sending required diagnostic data to Microsoft to use this feature. For more information, see: https://aka.ms/GetSecureBoot

Related policies

Automatic Certificate Deployment via UpdatesEnable Secure Boot Certificate Deployment