From: Scott Cantor <cantor.2@osu.edu>
Date: Fri, 16 Mar 2012 02:16:21 +0000 (+0000)
Subject: https://issues.shibboleth.net/jira/browse/CPPXT-82
X-Git-Tag: 1.5.0~24
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-xmltooling.git;a=commitdiff_plain;h=dfe7b58aba11d21415249530add576e811417191

https://issues.shibboleth.net/jira/browse/CPPXT-82
---

diff --git a/xmltooling/soap/impl/CURLSOAPTransport.cpp b/xmltooling/soap/impl/CURLSOAPTransport.cpp
index e6a2c66..60bc1c6 100644
--- a/xmltooling/soap/impl/CURLSOAPTransport.cpp
+++ b/xmltooling/soap/impl/CURLSOAPTransport.cpp
@@ -663,8 +663,19 @@ int xmltooling::verify_callback(X509_STORE_CTX* x509_ctx, void* arg)
     }
 
     if (!success) {
-        log.error("supplied TrustEngine failed to validate SSL/TLS server certificate");
-        x509_ctx->error=X509_V_ERR_APPLICATION_VERIFICATION;     // generic error, check log for plugin specifics
+        log.error("supplied TrustEngine failed to validate SSL/TLS server certificate:");
+        if (x509_ctx->cert) {
+            BIO* b = BIO_new(BIO_s_mem());
+            X509_print(b, x509_ctx->cert);
+            BUF_MEM* bptr = nullptr;
+            BIO_get_mem_ptr(b, &bptr);
+            if (bptr && bptr->length > 0) {
+                string s(bptr->data, bptr->length);
+                log.error(s);
+            }
+            BIO_free(b);
+        }
+        x509_ctx->error = X509_V_ERR_APPLICATION_VERIFICATION;     // generic error, check log for plugin specifics
         ctx->setAuthenticated(false);
         return ctx->m_mandatory ? 0 : 1;
     }