We recently went through some system load testing and were told that there where many SSL negotiation issues and timeouts. I couldn't find anything in the iis logs about this (all requests where 200). Is there somewhere else where Windows 2003/IIS may log this information?
UPDATE: Seeing that the SSL cert is configured with IIS, isn't IIS responsible for making the connection to the client via SSL? Or is SSL negotiated separate from IIS and IIS just handles the HTML over SSL part? It is IIS that responds to to port 443 (assuming 443 configured for HTML of SSL), so I am a bit confused why it wouldn't log about these connections?
I used the SSL Diagnostics application, it is quite easy to setup and use. I didn't find any issue with the actual negotiation of the SSL channel, it is just taking a long time for the handshaking complete. So my next step is to determine what we need to do to improve our SSL handshaking time. First thought is to have SSL handshaking to occur at the load balancer, not the servers themselves.
Best Answer
SSL negotiation happens before any HTTP headers are processed so you won't see this in the IIS logs. Have you looked through your event logs to see if there is anything there?
EDIT:
You can also have a go with SSL Diagnostics from Microsoft, specifically SSLMon. Looks like it might have something that will be of benefit to you, although I admittedly have not played with it yet.