Make log messages clearer

If someone reads "failed" together with a full stacktrace, then this suggests at first though that something fatal has happened. But this is not the case if appTrustManager failed.
ge0rg · Jul 18, 2015 · 9e30ffd · 9e30ffd · Aminbin · Sep 23, 2015
1 parent 43da4ba
commit 9e30ffd
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/src/de/duenndns/ssl/MemorizingTrustManager.java b/src/de/duenndns/ssl/MemorizingTrustManager.java
@@ -414,7 +414,7 @@ public void checkCertTrusted(X509Certificate[] chain, String authType, boolean i
 			else
 				appTrustManager.checkClientTrusted(chain, authType);
 		} catch (CertificateException ae) {
-			LOGGER.log(Level.FINER, "checkCertTrusted: appTrustManager failed", ae);
+			LOGGER.log(Level.FINER, "checkCertTrusted: appTrustManager did not verify certificate. Will fall back to secondary verification mechanisms (if any).", ae);
 			// if the cert is stored in our appTrustManager, we ignore expiredness
 			if (isExpiredException(ae)) {
 				LOGGER.log(Level.INFO, "checkCertTrusted: accepting expired certificate from keystore");
@@ -425,8 +425,10 @@ public void checkCertTrusted(X509Certificate[] chain, String authType, boolean i
 				return;
 			}
 			try {
-				if (defaultTrustManager == null)
+				if (defaultTrustManager == null) {
+					LOGGER.fine("No defaultTrustManager set. Verification failed, throwing " + ae);
 					throw ae;
+				}
 				LOGGER.log(Level.FINE, "checkCertTrusted: trying defaultTrustManager");
 				if (isServer)
 					defaultTrustManager.checkServerTrusted(chain, authType);