This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists. If you enable this policy setting Internet Explorer does not prompt users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you disable this policy setting Internet Explorer prompts users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you do not configure this policy setting Internet Explorer prompts users with a Client Authentication message when they connect to a Web site that has no certificate or only one certificate.

1. Registry path is:

   HKEY_LOCAL_MACHINE -> Software -> Policies -> Microsoft -> Windows -> CurrentVersion -> Internet Settings -> Lockdown_Zones -> 0 # 1A04

2. The Administrative Template path is:

   Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Locked-Down Local Machine Zone

* Making mistakes while changing registry values can affect your system adversely. We recommend you to create a System Restore point before making registry manipulation. If you're new to Registry Editor, read this beginner's guide.

** To locate the registry and administrative template path, checkout beginner's guide.