diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc
index 9a1405ca9..e1bb637f8 100644
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@@ -1407,7 +1407,15 @@ bool    AuthSSLimpl::FailedCertificate(X509 *x509, const std::string& gpgid,
 	rs_sprintf_append(ip_address, "%s:%u", rs_inet_ntoa(addr.sin_addr).c_str(), ntohs(addr.sin_port));
 	uint32_t auth_diagnostic = 0 ;
 
-	bool authed = (x509 != NULL && AuthX509WithGPG(x509,auth_diagnostic)) ;
+	bool authed ;
+
+	if(x509 == NULL)
+	{
+		auth_diagnostic = RS_SSL_HANDSHAKE_DIAGNOSTIC_CERTIFICATE_NOT_VALID ;
+		authed = false ;
+	}
+	else
+		authed = AuthX509WithGPG(x509,auth_diagnostic) ;
 
 	if(authed)
 		LocalStoreCert(x509);
diff --git a/retroshare-gui/src/gui/NewsFeed.cpp b/retroshare-gui/src/gui/NewsFeed.cpp
index b9974d4e8..4e9a6634e 100644
--- a/retroshare-gui/src/gui/NewsFeed.cpp
+++ b/retroshare-gui/src/gui/NewsFeed.cpp
@@ -145,6 +145,9 @@ void NewsFeed::updateDisplay()
 				break;
 
 			case RS_FEED_ITEM_SEC_CONNECT_ATTEMPT:
+			case RS_FEED_ITEM_SEC_WRONG_SIGNATURE:
+			case RS_FEED_ITEM_SEC_BAD_CERTIFICATE:
+			case RS_FEED_ITEM_SEC_INTERNAL_ERROR:
 				if (Settings->getMessageFlags() & RS_MESSAGE_CONNECT_ATTEMPT) {
 					MessageComposer::sendConnectAttemptMsg(fi.mId1, fi.mId2, QString::fromUtf8(fi.mId3.c_str()));
 				}
diff --git a/retroshare-gui/src/gui/feeds/SecurityItem.cpp b/retroshare-gui/src/gui/feeds/SecurityItem.cpp
index 45c79d516..47a9fb552 100644
--- a/retroshare-gui/src/gui/feeds/SecurityItem.cpp
+++ b/retroshare-gui/src/gui/feeds/SecurityItem.cpp
@@ -131,7 +131,7 @@ void SecurityItem::updateItemStatic()
 			requestLabel->hide();
 			break;
 		case RS_FEED_ITEM_SEC_BAD_CERTIFICATE:
-			title = tr("Certificate is invalid.");
+			title = tr("Certificate is invalid. This peer is probably not who he claims to be.");
 			requestLabel->hide();
 			break;
 		case RS_FEED_ITEM_SEC_INTERNAL_ERROR: