证书校验不通过时，输出证书信息。

platform/src/ssl_stream.cpp

@@ -598,9 +598,10 @@ error_out:
 	return NULL;
 }
 
-int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl, const char** error_string)
+int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl, char** error_string)
 {
 	int ret = 0, err_code=0;
+	char *subj=NULL, *issuer=NULL;
 	STACK_OF(X509) * cert_chain = SSL_get_peer_cert_chain(ssl);
 	if (cert_chain == NULL)
 	{
@@ -617,7 +618,14 @@ int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl, const char** error
 	if(ret!=1)
 	{
 		err_code=X509_STORE_CTX_get_error(ctx);
-		*error_string=X509_verify_cert_error_string(err_code);
+		subj=ssl_x509_subject(cert);
+		issuer=ssl_x509_issuer(cert);
+		asprintf(error_string, "%s : subject - %s issuer - %s"
+								, X509_verify_cert_error_string(err_code)
+								, subj
+								, issuer);
+		free(subj);
+		free(issuer);
 	}
 	X509_STORE_CTX_free(ctx);
 	return (ret == 1);
@@ -953,7 +961,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 	struct ssl_stream * s_stream = ctx->s_stream;
 	struct ssl_mgr* mgr=s_stream->mgr;
 	SSL_SESSION * ssl_sess = NULL;
-	const char* error_string=NULL;
+	char* error_string=NULL;
 
 	if (events & BEV_EVENT_ERROR)
 	{
@@ -993,6 +1001,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 				char* addr_str=tfe_string_addr_create_by_fd(ctx->fd_upstream, CONN_DIR_UPSTREAM);
 				TFE_LOG_INFO(mgr->logger, "Fake Cert %s %s : %s", addr_str, ctx->s_stream->client_hello->sni, error_string);
 				free(addr_str);
+				free(error_string);
 			}
 		}
 		else