News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
SChannel Logging  
by GeeeTeee
posted on 2005/05/12

For anybody struggling (as I am) with SSL connections, there is a registry value which will direct SCHANNEL events into the System log. I have found it very helpful...

SUMMARY
When you enable Schannel event logging on a computer that is running Microsoft Windows NT Server 4.0, Microsoft Windows 2000 Server, or Microsoft Windows XP Professional, detailed information from Schannel events can be written to the Event Viewer logs, in particular the System event log. This article describes how to enable and configure Schannel event logging.

How to Enable logging
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

Note This registry key is present already in Windows 2000 and XP Professional.

1. Start Registry Editor.

2. Locate the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL

3. Add the following registry value:
Value Name: EventLogging
Data Type: REG_DWORD

Note After you add this property, you must give it a value. See the table in the Logging options section to obtain the appropriate value for the type of events that you want to log.

4. Exit Registry Editor.

5. Restart the PC

Logging options
The default value for Schannel event logging is 0x0000 in Windows NT Server 4.0, which means that no Schannel events are logged. In Windows 2000 Server and Windows XP Professional, this value is set to 0x0001, which means that error messages are logged. Additionally, you can log multiple events by specifying the hexadecimal value that equates to the logging options that you want. For example, to log error messages (0x0001) and warnings (0x0002), set the value to 0x0003. I have found that for troubleshooting, 0x0007 works best, as this logs everything.

Value Description
0x0000 Do not log
0x0001 Log error messages
0x0002 Log warnings
0x0004 Log informational and success events

Enjoy!

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.