DTBI1075-IE11 - Prevent ignoring certificate errors option must be enabled.

Information

This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as 'expired', 'revoked', or 'name mismatch' errors) in Internet Explorer. If you enable this policy setting, the user cannot continue browsing. If you disable or do not configure this policy setting, the user can choose to ignore certificate errors and continue browsing.

Solution

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> Internet Control Panel >> 'Prevent ignoring certificate errors' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_IE11_V2R2_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-23(5), CAT|II, CCI|CCI-002470, Rule-ID|SV-223042r428678_rule, STIG-ID|DTBI1075-IE11, STIG-Legacy|SV-79207, STIG-Legacy|V-64717, Vuln-ID|V-223042

Plugin: Windows

Control ID: 0d3b9e87528d68b65148f6d4c010ff4c42150c726edc92d1216224f849d52167