Per https://discuss.elastic.co/t/ldaps-and-chain-of-certificates/250724 it's possible to get an SSL failure & diagnostic when the cipher requires certain key usage that is not permitted by the certificate.

To assist in such diagnostics, it would be of assistance to print out the ceritficate's KeyUsage and the session's Cipher suite in the message.
While we're doing that, the cert's ExtendedKey

英雄招募

成为 Doocs 项目维护者

本项目 advanced-java，包括 Doocs 开源组织下的所有项目，都欢迎各位朋友参与完善。

如果你提交的内容有价值，且具备规范性，将有机会提升为项目的维护者，直接参与项目的 review、merge 等维护工作，提交内容时也可以直接 push 到 doocs/advanced-java 主分支 master 下，无须提交 PR 等待 review。

目前 advanced-java 只有 [yanglbme](http

Since elastic/elasticsearch#59685 is resolved now (7.11.0+) we can proceed and remove redundant _authenticate calls after we create any kind of access token (Token/SAML/OIDC/Kerberos/PKI) that would improve login performance and make code simpler overall.

As suggested in the ESM guidelines of Node.js it would be good to explicit the type of the module.

{
+  "type": "commonjs",
}