This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists. If you enable this policy setting Internet Explorer does not prompt users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you disable this policy setting Internet Explorer prompts users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you do not configure this policy setting Internet Explorer prompts users with a Client Authentication message when they connect to a Web site that has no certificate or only one certificate.
HKEY_LOCAL_MACHINE -> Software -> Policies -> Microsoft -> Windows -> CurrentVersion -> Internet Settings -> Lockdown_Zones -> 0 # 1A04
Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Locked-Down Local Machine Zone