With Windows Event Viewer you can get valuable information for PKI and SSL problems.
- Open Event View with eventvwr.exe
- Open Applications and Services Logs\Microsoft\Windows\CAPI2 directory
- Right Click on CAPI2 and Enable Log
Now log is active and you will recieve log.
For details see https://blogs.msdn.microsoft.com/benjaminperkins/2013/09/30/enable-capi2-event-logging-to-troubleshoot-pki-and-ssl-certificate-issues/.