Information
Google Chrome allows to exclude certificates by their subjectPublicKeyInfo hashes from enforcing Certificate Transparency requirements.
Rationale:
Certificate Transparency requirements shall be enforced for all certificates.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to Disabled:
Computer Configuration\Administrative Templates\Google\Google Chrome\Disable Certificate Transparency enforcement for a list of subjectPublicKeyInfo hashes
Impact:
If this setting is disabled, no certificates are excluded from Certificate Transparency requirements.
Default Value:
Disabled.