This policy setting controls whether Outlook considers a missing certificate revocation list (CRL) a warning or an error. Digital certificates contain an attribute that shows where the corresponding CRL is located. CRLs contain lists of digital certificates that have been revoked by their controlling certification authorities (CAs), typically because the certificates were issued improperly or their associated private keys were compromised. If a CRL is missing or unavailable, Outlook cannot determine whether a certificate has been revoked. Therefore, an improperly issued certificate or one that has been compromised might be used to gain access to data.
If you enable this policy setting, you can choose between two options that determine how Outlook functions when a CRL is missing:
- Warning. This option is the default configuration in Outlook and ensures that Outlook displays a warning message when a CRL is missing.
- Error. This option ensures that Outlook displays an error message when a CRL is missing.
If you disable or do not configure this policy setting, Outlook displays a warning message when a CRL is not available.
Registry Hive | HKEY_CURRENT_USER |
Registry Path | software\policies\microsoft\office\16.0\outlook\security |
Value Name | sigstatusnocrl |
Value Type | REG_DWORD |
Value | 0 |
Registry Hive | HKEY_CURRENT_USER |
Registry Path | software\policies\microsoft\office\16.0\outlook\security |
Value Name | sigstatusnocrl |
Value Type | REG_DWORD |
Value | 1 |