MINOR: ssl: add the SSL error string when failing to load a certificate

Add the SSL error string when failing to load a certificate in
ssl_sock_load_pem_into_ckch(). It's difficult to know what happen when no
descriptive errror are emitted.

Example:
[ALERT]    (1264006) : config : parsing [ssl_default_server.cfg:51] : 'bind /tmp/ssl.sock' in section 'listen' : unable to load certificate chain from file 'reg-tests/ssl//common.pem': ASN no PEM Header Error

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index ae206447c705cb8a5bd29dca8e0affbfc7997eed..ecf69f067464b18541d49c40afbadb641349ef84 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -633,8 +633,8 @@ int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and
 
        ret = ERR_get_error();
        if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
-               memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
-                         err && *err ? *err : "", path);
+               memprintf(err, "%sunable to load certificate chain from file '%s': %s\n",
+                         err && *err ? *err : "", path, ERR_reason_error_string(ret));
                goto end;
        }