I have accidentally generated wrong certificate for the sudo_logsrvd client for TLS communication (it was for a server and not a client), and felt it a bit hard to debug what the problem could be. Ended up adding these log messages, I think they could be useful.
Example message looks like this:
May 15 12:13:15.611 sudo_logsrvd[23971] TLS verification failed for cert '/C=US/ST=Utah/O=sudo/OU=sudo Audit Server/CN=QPM': '26:unsupported certificate purpose' @ verify_peer_identity() ./logsrvd.c:1271
I have accidentally generated wrong certificate for the sudo_logsrvd client for TLS communication (it was for a server and not a client), and felt it a bit hard to debug what the problem could be. Ended up adding these log messages, I think they could be useful.
Example message looks like this: