Information
Google Chrome can exclude certificates by their subjectPublicKeyInfo hashes from enforcing Certificate Transparency requirements. If this setting is disabled, no certificates are excluded from Certificate Transparency requirements.
The recommended state for this setting is: Disabled (0)
Rationale:
Certificate Transparency requirements shall be enforced for all certificates.
Impact:
None - This is the default behavior.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to Disabled:
Computer Configuration\Policies\Administrative Templates\Google\Google Chrome\Disable Certificate Transparency enforcement for a list of subjectPublicKeyInfo hashes
Default Value:
Unset (Same as Disabled, but user can change)