Whether DHE cipher suites in TLS are enabled

Warning: DHE will be completely removed from Google Chrome after version 57 (around March 2017) and this policy will stop working then.

If the policy is not set, or is set to false, then DHE cipher suites in TLS will not be enabled. Otherwise it may be set to true to enable DHE cipher suites and retain compatibility with an outdated server. This is a stopgap measure and the server should be reconfigured.

Servers are encouraged to migrated to ECDHE cipher suites. If these are unavailable, ensure a cipher suite using RSA key exchange is enabled.


Supported on: Microsoft Windows XP SP2 or later
Registry HiveHKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry PathSoftware\Policies\Google\Chrome
Value NameDHEEnabled
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

chrome.admx

Administrative Templates (Computers)

Administrative Templates (Users)