Logging of client side certificate issues

We have a certificate whose root is accepted across all major browsers and operating systems. But some customers told us that the website (certificate) is untrusted because of a missing root certificate in ther cert store.

Is there a general method of gaining knowledge of User-Agents/OS which will not accept that certificate? Will they occur in the access.log or is the client stopping while ssl-handshaking? Can I log that in any usable form?