Details
This setting controls whether a user is able to proceed to a webpage when an invalid SSL certificate warning has occurred.
The recommended state for this setting is: Disabled (0)
Rationale:
Sites protected by SSL should always be recognized as valid in the web browser. Allowing a user to make the decision as to whether what appears to be an invalid certificate could open an organization up to users visiting a site that is otherwise not secure and or malicious in nature.
Impact:
Users will not be able to click past the invalid certificate error to view the website.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled:
Computer ConfigurationPoliciesAdministrative TemplatesGoogleGoogle ChromeAllow proceeding from the SSL warning page
Default Value:
Unset (Same as Enabled, but user can change)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.