SSL_CTX *ctx, STACK_OF(X509) **find_chain, char **err)
{
int errcode = 0;
+ int ret;
+
+ ERR_clear_error();
if (find_chain == NULL) {
errcode |= ERR_FATAL;
}
if (!SSL_CTX_use_certificate(ctx, ckch->cert)) {
- memprintf(err, "%sunable to load SSL certificate into SSL Context '%s'.\n",
- err && *err ? *err : "", path);
+ ret = ERR_get_error();
+ memprintf(err, "%sunable to load SSL certificate into SSL Context '%s': %s.\n",
+ err && *err ? *err : "", path, ERR_reason_error_string(ret));
errcode |= ERR_ALERT | ERR_FATAL;
goto end;
}
/* Load all certs in the ckch into the ctx_chain for the ssl_ctx */
#ifdef SSL_CTX_set1_chain
if (!SSL_CTX_set1_chain(ctx, *find_chain)) {
- memprintf(err, "%sunable to load chain certificate into SSL Context '%s'. Make sure you are linking against Openssl >= 1.0.2.\n",
- err && *err ? *err : "", path);
+ ret = ERR_get_error();
+ memprintf(err, "%sunable to load chain certificate into SSL Context '%s': %s. Make sure you are linking against Openssl >= 1.0.2.\n",
+ err && *err ? *err : "", path, ERR_reason_error_string(ret));
errcode |= ERR_ALERT | ERR_FATAL;
goto end;
}
projects / thirdparty / haproxy.git / commitdiff
