Applies To: Windows Vista, Windows Server 2008, Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012, Windows 8

This topic for the IT professional lists the tools that are available from Microsoft to investigate, evaluate, and configure the protocols that are supported by the Schannel Security Support Provider (SSP).

The following table defines tools can be used to understand and diagnose the TLS and SSL protocols.




Windows PowerShell

Windows PowerShell is a task-based command-line shell and scripting language that can be used to automate tasks designed especially for system administration.

Type: Cmdlets

In Windows Server 2012 R2 with Windows PowerShell 4.0:

Transport Layer Security Cmdlets in Windows PowerShell

Dsa.msc: Active Directory Users and Computers

Type: MMC snap-in

You can add, edit, or remove certificates by modifying the Name Mapping Task for the Computer object or the User object .

Also, by accessing the Published Certificates tab for the User object, which lists the X.509 certificates that are published for the user account, you can view, remove, copy to file-listed certificates, and add new certificates from the local certificate store or from a DER-encoded binary X.509 file (*.cer) or a PKCS #7 (*.p7b) file.

In Windows Server 2008 and Windows Server 2008 R2:

Active Directory Users and Computers Overview [w8]

Eventvwr.msc: Event Viewer

Type: MMC snap-in

This tool allows you to view the system log, which contains Schannel error codes and other events that are related to authentication.

For more information about these events, see Schannel Events.

In Windows Server 2008 Help:

Event Viewer Overview [w8]

Netmon.exe: Network Monitor

Type: Download utility

This tool enables you to capture network traces, which can be used to troubleshoot most network issues.

From the Microsoft Download Center:

Microsoft Network Monitor 3.4

See also

Schannel Security Support Provider Technical Reference