diff --git a/src/api/debug/certificates.ts b/src/api/debug/certificates.ts
index c60009d0b..cab49b956 100644
--- a/src/api/debug/certificates.ts
+++ b/src/api/debug/certificates.ts
@@ -101,7 +101,7 @@ export async function setup(connection: IBMi) {
     `openssl req -new -key debug_service.key -out debug_service.csr -subj '/CN=${host}'`,
     `openssl x509 -req -in debug_service.csr -signkey debug_service.key -out debug_service.crt -days 1095 -sha256 -req -extfile <(printf "${extFileContent}")`,
     `openssl pkcs12 -export -out debug_service.pfx -inkey debug_service.key -in debug_service.crt -password pass:${host}`,
-    `rm debug_service.key debug_service.csr debug_service.crt`, 
+    `rm debug_service.key debug_service.csr debug_service.crt`,
     `chmod 444 debug_service.pfx`
   ];
 
@@ -112,7 +112,7 @@ export async function setup(connection: IBMi) {
   });
 
   if (mkdirResult.code && mkdirResult.code > 0) {
-    throw new Error(`Failed to create server certificate directory: ${directory}`);
+    throw new Error(`Failed to create server certificate directory ${directory}: ${mkdirResult.stderr}`);
   }
 
   const creationResults = await connection.sendCommand({
@@ -121,23 +121,26 @@ export async function setup(connection: IBMi) {
   });
 
   if (creationResults.code && creationResults.code > 0) {
-    throw new Error(`Failed to create server certificate.`);
+    throw new Error(`Failed to create server certificate: ${creationResults.stderr}`);
   }
 }
 
 export async function downloadClientCert(connection: IBMi) {
   const localPath = getLocalCertPath(connection);
+  await fs.writeFile(localPath, await readRemoteCertificate(connection), { encoding: `utf8` });
+}
 
+export async function readRemoteCertificate(connection: IBMi) {
   const result = await connection.sendCommand({
     command: `openssl s_client -connect localhost:${connection.config?.debugPort} -showcerts < /dev/null 2> /dev/null | openssl x509 -outform PEM`,
     directory: getRemoteCertificateDirectory(connection)
   });
 
   if (result.code && result.code > 0) {
-    throw new Error(`Failed to download client certificate.`);
+    throw new Error(`Failed to download client certificate: ${result.stderr}`);
   }
 
-  await fs.writeFile(localPath, result.stdout, {encoding: `utf8`});
+  return result.stdout;
 }
 
 export function getLocalCertPath(connection: IBMi) {
@@ -161,7 +164,7 @@ export async function legacyCertificateChecks(connection: IBMi, serviceIsRunning
   const usingLegacyCertPath = (getRemoteCertificateDirectory(connection) === LEGACY_CERT_DIRECTORY);
   const certsExistAtConfig = await remoteServerCertificateExists(connection);
 
-  let changeCertDirConfig: string|undefined;
+  let changeCertDirConfig: string | undefined;
 
   if (usingLegacyCertPath) {
     if (serviceIsRunning) {