Details
By setting this policy to true, the previous behavior is restored and online OCSP/CRL checks will be performed. If the policy is not set, or is set to false, then Chrome will not perform online revocation checks. Certificates are revoked when they have been compromised or are no longer valid, and this option protects users from submitting confidential data to a site that may be fraudulent or not secure.
Solution
Windows group policy:
1. Open the group policy editor tool with gpedit.msc
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesGoogleGoogle Chrome
Policy Name: Enable online OCSP/CRL checks
Policy State: Enabled
Policy Value: N/A
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.
References
- 800-53|IA-5(2)(a)
- CAT|II
- CCI|CCI-000185
- Rule-ID|SV-221579r769355_rule
- STIG-ID|DTBC-0037
- STIG-Legacy|SV-57623
- STIG-Legacy|V-44789
- Vuln-ID|V-221579