Policy
Turn on certificate address mismatch warning
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
This policy setting allows you to turn on the certificate address mismatch security warning. When this policy setting is turned on, the user is warned when visiting Secure HTTP (HTTPS) websites that present certificates issued for a different website address. This warning helps prevent spoofing attacks. If you enable this policy setting, the certificate address mismatch warning always appears. If you disable or do not configure this policy setting, the user can choose whether the certificate address mismatch warning appears (by using the Advanced page in the Internet Control panel).
Registry values
How enabled and disabled states update the registry.
| Registry location | Type | Enabled value | Disabled value |
|---|---|---|---|
| HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnBadCertRecving | REG_DWORD | 1 | 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.
Other policies in this category
Explore related policies at the same level.
- UserInternet Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerInternet Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- UserIntranet Sites: Include all local (intranet) sites not listed in other zonesAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerIntranet Sites: Include all local (intranet) sites not listed in other zonesAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- UserIntranet Sites: Include all network paths (UNCs)At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerIntranet Sites: Include all network paths (UNCs)At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- UserIntranet Sites: Include all sites that bypass the proxy serverAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerIntranet Sites: Include all sites that bypass the proxy serverAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerIntranet Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- UserIntranet Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- UserLocal Machine Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
- ComputerLocal Machine Zone TemplateAt least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1