Missing CRLs

This policy setting controls whether Outlook considers a missing certificate revocation list (CRL) a warning or an error. Digital certificates contain an attribute that shows where the corresponding CRL is located. CRLs contain lists of digital certificates that have been revoked by their controlling certification authorities (CAs), typically because the certificates were issued improperly or their associated private keys were compromised. If a CRL is missing or unavailable, Outlook cannot determine whether a certificate has been revoked. Therefore, an improperly issued certificate or one that has been compromised might be used to gain access to data.

If you enable this policy setting, you can choose between two options that determine how Outlook functions when a CRL is missing:

- Warning. This option is the default configuration in Outlook and ensures that Outlook displays a warning message when a CRL is missing.

- Error. This option ensures that Outlook displays an error message when a CRL is missing.

If you disable or do not configure this policy setting, Outlook displays a warning message when a CRL is not available.

Supported on: At least Windows 7

Indicate a missing CRL as a(n):


  1. Warning
    Registry HiveHKEY_CURRENT_USER
    Registry Pathsoftware\policies\microsoft\office\16.0\outlook\security
    Value Namesigstatusnocrl
    Value TypeREG_DWORD
    Value0
  2. Error
    Registry HiveHKEY_CURRENT_USER
    Registry Pathsoftware\policies\microsoft\office\16.0\outlook\security
    Value Namesigstatusnocrl
    Value TypeREG_DWORD
    Value1


outlk16.admx

Administrative Templates (Computers)

Administrative Templates (Users)