Allow users to manage installed CA certificates.

Setting the policy to All (0) or leaving it unset lets users edit trust settings for all CA certificates, remove user-imported certificates, and import certificates using Certificate Manager. Setting the policy to UserOnly (1) lets users manage only user-imported certificates, but not change trust settings of built-in certificates. Setting it to None (2) lets users view (not manage) CA certificates.

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

Allow users to manage installed CA certificates.


  1. Allow users to manage all certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value0
  2. Allow users to manage user certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value1
  3. Disallow users from managing certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value2


chromeos.admx

Administrative Templates (Computers)

Administrative Templates (Users)