Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Windows Server TechCenter
Click to Rate and Give Feedback
NPS: SCHANNEL

Updated: October 21, 2008

Applies To: Windows Server 2008, Windows Server 2008 R2

You can use this registry setting to enable the logging of client certificate validation failures, which are secure channel (Schannel) events.

Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Registry path

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL

Schannel is a security support provider (SSP) that supports a set of Internet security protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). These protocols provide identity authentication and secure, private communication through encryption. Logging of client certificate validation failures is a secure channel event, and is not enabled on the NPS server by default.

To enable secure channel events

You can enable additional secure channel event logging by changing the registry key value from 1 (REG_DWORD type, data 0x00000001) to 3 (REG_DWORD type, data 0x00000003).

noteNote
The logging of rejected or discarded authentication events is enabled by default.

Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
© 2012 Microsoft. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker