[pve-devel] [PATCH common] certificate: actually print openssl errors

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Mar 7 11:50:18 CET 2023

print_errs (which is also called internally by die_now) will only 'warn' the
collected error stack if the log level is set to tracing. otherwise, it will
just return the error message(s) corresponding to the error stack as string.

while they are not always the most user-friendly ones, they do provide
additional context that might help to find out what is actually causing a
particular failure. both helpers here actually provide a meaninful user
friendly context (via $msg) as final line.

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>

    noticed while testing Max' key check series

 src/PVE/Certificate.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/PVE/Certificate.pm b/src/PVE/Certificate.pm
index 73091ff..3322557 100644
--- a/src/PVE/Certificate.pm
+++ b/src/PVE/Certificate.pm
@@ -181,12 +181,13 @@ sub der_to_pem {
 my $ssl_die = sub {
     my ($msg) = @_;
+    warn Net::SSLeay::print_errs();
 my $ssl_warn = sub {
     my ($msg) = @_;
-    Net::SSLeay::print_errs();
+    warn Net::SSLeay::print_errs();
     warn $msg if $msg;

More information about the pve-devel mailing list