Some Windows events generated by the certification authority are only generated from a certain logging level.
The following describes how to determine and change the logging level of a certification authority.
The logging level is stored under the following registration key of the certification authority.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\LogLevel
It can also be determined with the following command line command:
certutil -getreg CA\LogLevel
The default value is 3 (ERTLOG_WARNING).
The numerical values are translated into the following variables:
| Value | Meaning | Additional Events |
|---|---|---|
| 0 | CERTLOG_MINIMAL | |
| 1 | CERTLOG_TERSE | |
| 2 | CERTLOG_ERROR | |
| 3 | CERTLOG_WARNING | (default setting) |
| 4 | CERTLOG_VERBOSE | 52, 68, 69, 70, 71, 72, 73, 76, 97 |
| 5 | CERTLOG_EXHAUSTIVE |
The log level can be changed with the following command line command:
certutil -setreg ca\Loglevel {LogLevel}
Increasing the logging level can generate a lot of events. Accordingly, it should be ensured that the event log can grow accordingly. Otherwise, earlier events will be overwritten. It is advisable to increase the logging level only temporarily.
Afterwards, the certification authority service must be restarted.
Restart-Service -ServiceName CertSvc
Related links:
External sources
- How to Change the Event Logging Level for Certificate Services (Microsoft, archive link)
English 
Deutsch
4 thoughts on “Protokollierungsebene (Log Level) für das Ereignisprotokoll der Zertifizierungsstelle konfigurieren”
Comments are closed.