To enable logging for Secure Channel logging (Schannel), use the following guide.
Add the following registry key:
Set one of the following values:
0x0000 Do not log
0x0001 Log error messages
0x0002 Log warnings
0x0004 Log informational and success events
When troubleshooting I like to set it to 0x0007 (0x0001 + 0x0002 + 0x0004). Reboot your machine to start the logging process.
The data will end up in the “System” eventlog with the source name of “Schannel”. You would want to keep an eye out for event id 36880, indicating a succesful event. It would look something like:
A SSL client handshake completed successfully. The negotiated cryptographic parameters are as follows.
Protocol: TLS 1.2
Exchange strength: 256
To translate the CipherSuite use the following site:
In the example above this would translate to: