MINOR: ssl: add the SSL error string before the chain

Add the SSL error string when failing to load a certificate in
ssl_sock_load_pem_into_ckch(). It's difficult to know what happen when no
 descriptive errror are emitted. This one is for the certificate before
trying to load the complete chain.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index ecf69f067464b18541d49c40afbadb641349ef84..61ffbc08f361ba35aa2301dabb6f8e7b1beb3d14 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -616,8 +616,9 @@ int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and
        /* Read Certificate */
        cert = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
        if (cert == NULL) {
-               memprintf(err, "%sunable to load certificate from file '%s'.\n",
-                         err && *err ? *err : "", path);
+               ret = ERR_get_error();
+               memprintf(err, "%sunable to load certificate from file '%s': %s.\n",
+                         err && *err ? *err : "", path, ERR_reason_error_string(ret));
                goto end;
        }