From f65e771e548d527a221aa24ff02ef693bc279e26 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 31 Mar 2014 16:01:37 +0200
Subject: [PATCH] more verbose log message

---
 src/tlslib.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/tlslib.c b/src/tlslib.c
index 79e9320b..ab57c267 100644
--- a/src/tlslib.c
+++ b/src/tlslib.c
@@ -345,7 +345,8 @@ unsigned usage;
 		ret = gnutls_x509_crt_get_key_usage(crt, &usage, NULL);
 		if (ret >= 0) {
 			if (!(usage & GNUTLS_KEY_KEY_ENCIPHERMENT)) {
-				mslog(s, NULL, LOG_WARNING, "server certificate key usage prevents key encipherment; unable to support the RSA ciphersuites\n");
+				mslog(s, NULL, LOG_WARNING, "server certificate key usage prevents key encipherment; unable to support the RSA ciphersuites; "
+					"if that is not intentional, regenerate the server certificate with the key usage flag 'key encipherment' set.");
 				if (s->config->dh_params_file != NULL)
 					mslog(s, NULL, LOG_WARNING, "no DH-params file specified; server will be limited to ECDHE ciphersuites\n");
 			}