Allow users to manage installed CA certificates.

This policy controls whether user are able to import and remove CA certificates via Certificate Manager.

If this policy is set to ''Allow users to manage all certificates'' or left not set, users will be able to edit trust settings for all CA certificates, remove user-imported certificates and import certificates.

If this policy is set to ''Allow users to manage user certificates'', users will be able to manage only user-imported certificates and will not be able to change trust settings of built-in certificates.

If this policy is set to ''Disallow users to manage certificates'', users will not be able to manage CA certificates, they can only view CA certificates.

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

Allow users to manage installed CA certificates.


  1. Allow users to manage all certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value0
  2. Allow users to manage user certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value1
  3. Disallow users from managing certificates
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Google\ChromeOS
    Value NameCACertificateManagementAllowed
    Value TypeREG_DWORD
    Value2


chromeos.admx

Administrative Templates (Computers)

Administrative Templates (Users)