aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorMatthew Hall <matthew.hall@threatstream.com>2015-03-24 17:34:13 -0700
committerDaniel Stenberg <daniel@haxx.se>2015-04-13 22:25:04 +0200
commitb3175a767d5375c10662a564fdc598f709192cac (patch)
treea30268fbb3e93b51f12159a14e7c9d785c4873d6 /lib/vtls
parent58b0a8b0596a67625fb9242cee229222f99c8600 (diff)
vtls_openssl: improve client certificate load failure error messages
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/openssl.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 889225fda..7868e3e4d 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -403,7 +403,10 @@ int cert_stuff(struct connectdata *conn,
/* SSL_CTX_use_certificate_chain_file() only works on PEM files */
if(SSL_CTX_use_certificate_chain_file(ctx,
cert_file) != 1) {
- failf(data, SSL_CLIENT_CERT_ERR);
+ failf(data,
+ "could not load PEM client certificate, OpenSSL error %s, "
+ "(no key found, wrong pass phrase, or wrong file format?)",
+ ERR_error_string(ERR_get_error(), NULL) );
return 0;
}
break;
@@ -415,7 +418,10 @@ int cert_stuff(struct connectdata *conn,
if(SSL_CTX_use_certificate_file(ctx,
cert_file,
file_type) != 1) {
- failf(data, SSL_CLIENT_CERT_ERR);
+ failf(data,
+ "could not load ASN1 client certificate, OpenSSL error %s, "
+ "(no key found, wrong pass phrase, or wrong file format?)",
+ ERR_error_string(ERR_get_error(), NULL) );
return 0;
}
break;