On Tue, Jun 20, 2006 at 10:01:22PM +0200, Graham Leggett wrote: > A number of apps I have encountered that use SSL hide the original error > from you, replacing it with something vague and misleading, and you're > off on a wild goose chase. > Generally agreed, although knowing the horrors of openssl errors and how difficult they can be to interpret, perhaps access to the raw error along with a more generalised error would be the best compromise? In fact, openssl has some of this already -
verify error:num=19:self signed certificate in certificate chain verify return:0 23457:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1052:SSL alert number 40 23457:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226: vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall
